HowTo-Outlook

Microsoft released the October feature update of Outlook for Microsoft 365 Apps in the Current Channel.

This month’s update is very minimal when it comes to Outlook as there is only 1 highlighted bug fix and again no new features.

• We fixed an issue that caused emails to get stuck in the outbox for some profiles with multiple Exchange accounts configured.

Excel got a much more exciting update this month with the following new feature;

• Get data for your workbooks by importing an image
  Turn images with text into content you can edit in Excel. With the Data from Picture feature, you can convert the information in an image to data on a worksheet.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2210 (Build 15726.20174).

The October security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 4 security updates for Word (3) and Office (1).

In addition, it contains 1 documented non-security fixes related to Outlook Current Version 2209, 12 fixes for Monthly Enterprise Version 2208, and 6 fixes for Semi-Annual Preview Version 2208. Most notable fixes are;

• Version 2209
• We fixed an issue that caused emails to get stuck in the outbox for some profiles with multiple Exchange accounts configured.
• Version 2208 (Monthly Enterprise and Semi-Annual Preview)
• We fixed an issue that caused Modern Groups related dialogs to be heavily broken.
• We fixed an issue that caused users to experience a close unexpectedly on bringing up some persona cards.
• Version 2208 Enterprise
• We fixed an issue that caused users to be unable to load linked images when replying to or forwarding a message.
• We fixed an issue where Outlook couldn’t open a message that was sent using Outlook on the web and contained a comment that was copied from Word.
• We fixed an issue related to rendering SVG graphics in Outlook.

One of the fixes mentioned for Monthly Enterprise Version 2208 could actually be considered a new feature instead;

• Every Meeting Online option for third party meeting applications
  This change enables the Every Meeting Online option for third party meeting applications.
• File-> Options-> Calendar-> Add online meeting to all meetings: Add Meeting Provider…
• Supported are; Zoom for Outlook, Cisco WebEx Scheduler, BlueJeans Meetings, GoTo for Outlook, Google Meet, and JioMeet for Outlook.

Based on your release channel, you’ll be updated to the following version;

• Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
  Version 2209 (Build 15629.20208)
• Monthly Enterprise
  Version 2208 (Build 15601.20230)
  Version 2207 (Build 15427.20308)
• Semi-Annual Enterprise (Preview)
  Version 2208 (Build 15601.20230)
• Semi-Annual Enterprise
  Version 2202 (Build 14931.20764)
  Version 2108 (Build 14326.21186) 
• Outlook LTSC 2021
  Version 2108 (Build 14332.20400)
• Outlook 2019 Volume Licensed
  Version 1808 (Build 10391.20029)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.

Security updates have been released for Exchange 2013, Exchange 2016 and Exchange 2019.

The updates fix the following vulnerabilities;

• CVE-2022-21979: Microsoft Exchange Information Disclosure Vulnerability 
• CVE-2022-21980: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-24477: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-24516: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-30134: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-34692: Microsoft Exchange Information Disclosure Vulnerability

None of the vulnerabilities are currently publicly disclosed nor being exploited. However, for 3 of the vulnerabilities the exploitability assessment is regarded as “More Likely”, so it is important to update as soon as possible.

You might have recognized that these are the same vulnerabilities as from the Security Updates for August. That re-release is due to address a known issue.

Note however that this Security Update does not address the zero-day vulnerabilities of September 29 (CVE-2022-41040 and CVE-2022-41082). You’d still need to have the mitigations for those applied as instructed in a previous blog post by the Exchange Team.

In addition to installing the update, you must also enable Windows Extended Protection to protect yourself from the vulnerabilities. This is unfortunately not a simple thing to enable as it is not compatible with all configurations. Therefor, make sure you carefully read the Extended Protection documentation and use the provided script to enable it.

The updates also contain the following non-security issues;

• KB5019807: Can’t finish the E-discovery process for an on-premises mailbox
• KB5019808: E-Discovery search fails in Exchange Online

View: Exchange Blog: Released: October 2022 Exchange Server Security Updates
View: Description of the security update for Microsoft Exchange Server 2019 and 2016: October 11, 2022 (KB5019077)
View: Description of the security update for Microsoft Exchange Server 2013: October 11, 2022 (KB5019076)

Download: Security Update for Exchange 2019 CU11 and CU12
Download: Security Update for Exchange 2016 CU22 and CU23
Download: Security Update for Exchange 2013 CU23

Microsoft released the September feature update of Outlook for Microsoft 365 Apps in the Current Channel.

This month’s update is again a bit unexciting for Outlook as there are only 5 highlighted bug fixes and no new features.

• We fixed an issue that caused users to experience a close unexpectedly when switching views in the calendar module.
• We fixed an issue that caused Modern Groups related dialogs to be heavily broken.
• We fixed and issue that caused users to experience a close unexpectedly shortly after boot.
• We fixed an issue that caused users who disabled service notifications to see a deprecated UI showing notifications service disabled.
• We fixed an issue that caused Outlook to close unexpectedly when submitting feedback.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2209 (Build 15629.20156).

The September security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 3 security updates for PowerPoint (1) and Visio (2).

In addition, it contains 2 documented non-security fixes related to Outlook Current Version 2208, 4 fixes for Monthly Enterprise Version 2207, 3 fixes for Semi-Annual Version 2202, and 1 fix for Semi-Annual Version 2108. Most notable fixes are;

• Version 2208
• We fixed an issue that caused the Customization Quick Access Toolbar file (.exportedUI) to not import when the simplified ribbon is in use.
• Version 2208, 2202, and 2108
• We fixed an issue related to rendering SVG graphics in Outlook.
• Version 2207
• We fixed an issue that caused Exchange 2019 users to see Outlook not display the reply indicator icon on messages in search results.
• We fixed an issue where an Outlook (WordMail) message would flash with a white background while zooming in or out.
• Version 2202
• We fixed an issue where references and reply-to headers were removed when replying to an email and the subject was changed.

Version 2208 has now also been released to the Semi-Annual Enterprise Channel (Preview) and contains 4 highlighted new features and 37 fixes which have been made available already to the Current release channel too. The new features are;

• Use suggested replies in Outlook
  When you receive an email message that can be answered by a short response, Outlook can suggest three responses you can use to reply with just a couple of clicks.
• Suggested Replies can be turned off via; File-> Options-> Mail-> section: Replies and Forwards-> toggle option: Show suggested replies
• One-click writing suggestions
  Apply writing suggestions with a single click. Editor corrects spelling and grammar and gives you ideas for refining your writing.
• Grammar checking’s got your back
  Outlook marks grammar errors as you type, so you can apply suggestions with a single click.
• Show multiple mini-months in Calendar To-Do Bar
  This feature allows you to show multiple mini-months both horizontally and vertically in the Calendar To-Do bar.

Based on your release channel, you’ll be updated to the following version;

• Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
  Version 2208 (Build 15601.20148)
• Monthly Enterprise
  Version 2207 (Build 15427.20284)
  Version 2205 (Build 15225.20422)
• Semi-Annual Enterprise (Preview)
  Version 2208 (Build 15601.20148)
• Semi-Annual Enterprise
  Version 2202 (Build 14931.20724)
  Version 2108 (Build 14326.21142) 
• Outlook LTSC 2021
  Version 2108 (Build 14332.20375)
• Outlook 2019 Volume Licensed
  Version 1808 (Build 10390.20024)

Note: Monthly Enterprise Version 2206 will not be serviced since it was an out-of-band update that was only available on-demand. Instead, Monthly Enterprise Version 2205 will still be supported this month.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.

Microsoft released the August feature update of Outlook for Microsoft 365 Apps in the Current Channel.

This month’s update isn’t that exciting for Outlook unless you are using a 3rd party meeting tool. There are 4 highlighted fixes that apply to Outlook, although I’d consider the aforementioned fix a new feature.

• Every Meeting Online option for third party meeting applications
  This change enables the Every Meeting Online option for third party meeting applications. Supported are; Zoom for Outlook, Cisco WebEx Scheduler, BlueJeans Meetings, GoTo for Outlook, Google Meet, and JioMeet for Outlook.
• We fixed an issue where Outlook can sometimes close unexpectedly when right-clicking on an app in the new app bar.
• We fixed an issue that caused users to be unable to load linked images when replying to or forwarding a message.
• We fixed an issue where Outlook couldn’t open a message that was sent using Outlook on the web and contained a comment that was copied from Word.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2208 (Build 15601.20088).

The August security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 3 security updates for Excel (1), Outlook (1) and Office (1). The details about the Outlook vulnerability can be found below;

• CVE-2022-35742: Microsoft Outlook Denial of Service Vulnerability 
  • This vulnerability is currently not publicly disclosed nor exploited.
  • The Preview Pane is not an attack vector.
  • The Exploitability Assessment is rated: Exploitation Less Likely.

In addition, it contains 1 documented non-security fixes related to Outlook Current Version 2207, 2 new features for Monthly Enterprise Version 2206, 2 fixes for Semi-Annual Version 2202.

• Version 2207
  • We fixed an issue that caused some people to experience an unexpected close shortly after boot.
• Version 2202
  • We fixed an issue that caused users to experience a profile corruption issue that results in symptoms such as synchronization failures in shared folders and calendars, receiving NDRs for messages that have been delivered, and search failures in shared folders. Users experiencing this issue will need to re-create their profile to restore normal operations.
  • We fixed an issue where users were not able to add room mailboxes to the calendar.

The new features in Monthly Enterprise Version 2206 are;

• Use suggested replies in Outlook
  When you receive an email message that can be answered by a short response, Outlook can suggest three responses you can use to reply with just a couple of clicks.
  • Suggested Replies can be turned off via; File-> Options-> Mail-> section: Replies and Forwards-> toggle option: Show suggested replies
• Add SketchUp files to Office creations
  SketchUp is a popular 3D graphics program that makes it easy to create shareable conceptual designs, such as fully textured architectural models and other graphics used in industrial design, product design, and civil and mechanical engineering. Now, for the first time, SketchUp graphics (.skp files) can be integrated into your creations in Word, Excel, PowerPoint, and Outlook!

Based on your release channel, you’ll be updated to the following version;

• Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
  Version 2207 (Build 15427.20210)
• Monthly Enterprise
  Version 2206 (Build 15330.20298)
  Version 2205 (Build 15225.20394)
• Semi-Annual Enterprise (Preview)
  Version 2202 (Build 14931.20660)
• Semi-Annual Enterprise
  Version 2202 (Build 14931.20660)
  Version 2108 (Build 14326.21096)
  Version 2102 (Build 13801.21582) 
• Outlook LTSC 2021
  Version 2108 (Build 14332.20358)
• Outlook 2019 Volume Licensed
  Version 1808 (Build 10389.20033)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.

Security updates have been released for Exchange 2013, Exchange 2016 and Exchange 2019.

The updates fix the following vulnerabilities;

• CVE-2022-21979: Microsoft Exchange Information Disclosure Vulnerability 
• CVE-2022-21980: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-24477: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-24516: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-30134: Microsoft Exchange Server Elevation of Privilege Vulnerability 
• CVE-2022-34692: Microsoft Exchange Information Disclosure Vulnerability

None of the vulnerabilities are currently publicly disclosed nor being exploited. However, for 3 of the vulnerabilities the exploitability assessment is regarded as “More Likely”, so it is important to update as soon as possible.

In addition of installing the update, you must also enable Windows Extended Protection to protect yourself from the vulnerabilities. This is unfortunately not a simple thing to enable as it is not compatible with all configurations. Therefor, make sure you carefully read the Extended Protection documentation and use the provided script to enable it.

The updates also contain the following non-security issues;

• KB5017261: Start-DatabaseAvailabilityGroup fails with BlockedDeserializeTypeException 
• KB5017430: E-Discovery search fails in Exchange Online

View: Exchange Blog: Released: August 2022 Exchange Server Security Updates
View: Description of the security update for Microsoft Exchange Server 2019 and 2016: August 9, 2022 (KB5015322)
View: Description of the security update for Microsoft Exchange Server 2013: August 9, 2022 (KB5015321)

Download: Security Update for Exchange 2019 CU11 and CU12
Download: Security Update for Exchange 2016 CU22 and CU23
Download: Security Update for Exchange 2013 CU23

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

• CVE-2022-35742: Microsoft Outlook Denial of Service Vulnerability 
  • This vulnerability is currently not publicly disclosed nor exploited.
  • The Preview Pane is not an attack vector.
  • The Exploitability Assessment is rated: Exploitation Less Likely.

View: Download information for KB5002051

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5257.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.

A Security Update has been released for Outlook 2013. It resolves the following vulnerability;

• CVE-2022-35742: Microsoft Outlook Denial of Service Vulnerability 
  • This vulnerability is currently not publicly disclosed nor exploited.
  • The Preview Pane is not an attack vector.
  • The Exploitability Assessment is rated: Exploitation Less Likely.

View: Download information for KB5001990

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5399.1000.