Description of the security update for Outlook 2013: April 11, 2017

2020-04-13T02:25:57
ID KB3172519
Type mskb
Reporter Microsoft
Modified 2020-04-16T08:13:37

Description

<html><body><p>Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.</p><h2>Summary</h2><p>This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see <a data-content-id="" data-content-type="" href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0106" target="_blank">Microsoft Common Vulnerabilities and Exposures CVE-2017-0106</a> and <a data-content-id="" data-content-type="" href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0204" target="_blank">Microsoft Common Vulnerabilities and Exposures CVE-2017-0204</a>.<br/><br/><strong>Note</strong> To apply this security update, you must have the release version of <a href="http://support.microsoft.com/kb/2817430">Service Pack 1 for Microsoft Office 2013</a> installed on the computer.<span class="rangySelectionBoundary" id="selectionBoundary_1491372160355_514565591137953"></span><br/></p><h2>Improvements and fixes</h2><div>This security update contains improvements and fixes for the following nonsecurity issues:<ul type="UnorderedBullets"><li>Increases the number of retries when trying to connect to a host in Microsoft Outlook 2013. By default, WinHTTP will try six IP addresses (one initial attempt and five retries) when trying to establish a connection to a host. If Outlook 2013 tries to attempt more than six IP addresses, the connection will fail. This is particularly problematic on networks that have intermittent IPv6 connectivity problems. Increasing the number of retries may allow the connection to succeed with IPv4 addresses. To enable this feature, see <a bookmark-id="" data-content-id="3178716" data-content-type="article" href="" managed-link="" target="_blank">KB3178716</a> for more information.</li><li>Resolves an issue in which your email address is added to the <strong>To </strong>field when you "reply all" to an email message of an Outlook.com account.</li><li>If an Object Model call gets the conversation index of some items in Outlook 2013, Outlook will no longer crash.</li><li>If an appointment is modified by an add-in by calling body.setAsync, the appointment body that is sent will no longer be blank.</li><li>When you forward and an email message that contains attachments in Outlook 2013 and you add attachments, the attachments in the email message will no longer be swapped and become corrupted.</li></ul></div><h2>Known issues in this security update</h2><p>After you install this security update, when you use the Quick Print feature in Outlook to print emails that contain attachments, you receive an error stating the attached files cannot be found.</p><p>For more information, go to the following article in the Microsoft Knowledge Base:</p><div class="indent"><a href="https://support.microsoft.com/en-us/help/4025539" id="kb-link-9">Quick Print can't find email attachments in Outlook</a></div><h2>Deployment information</h2>For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:<br/> <div class="indent"> <a href="https://support.microsoft.com/en-us/help/20170411" id="kb-link-9">Security update deployment information: April 11, 2017</a></div><h2>How to get and install the update</h2><h3>Method 1: Microsoft Update</h3><table class="faq-section" faq-section=""><tbody class="faq-panel"><tr><td faq-panel-body="">This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see <a bookmark-id="" data-content-id="" data-content-type="" href="https://support.microsoft.com/en-us/help/12373/windows-update-faq" managed-link="" target="">Windows Update: FAQ</a>.</td></tr></tbody></table><h3>Method 2: Microsoft Update Catalog</h3><table class="faq-section" faq-section=""><tbody class="faq-panel"><tr><td faq-panel-body="">To get the stand-alone package for this update, go to the <a bookmark-id="" data-content-id="" data-content-type="" href="http://www.catalog.update.microsoft.com/Search.aspx?q=KB3172519" managed-link="" target="">Microsoft Update Catalog</a> website.</td></tr></tbody></table><h3>Method 3: Microsoft Download Center</h3><table class="faq-section" faq-section=""><tbody class="faq-panel"><tr><td faq-panel-body="">You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.<ul linespacing="1" style="list-style-type:UnorderedBullets" type="UnorderedBullets"><li><span asset="4009805" contenteditable="false" props='{"size":"full"}' unselectable="on">4009805</span><a bookmark-id="" data-content-id="" href="http://www.microsoft.com/download/details.aspx?familyid=52f24b91-8357-4238-ac7b-76c6fc73c26a" managed-link="">Download the security update KB3172519 for the 32-bit version of Outlook 2013</a></li><li><span asset="4009805" contenteditable="false" props='{"size":"full"}' unselectable="on">4009805</span><a bookmark-id="" data-content-id="" href="http://www.microsoft.com/download/details.aspx?familyid=24f7b73f-9427-4ced-9e32-708713ea0679" managed-link="">Download the security update KB3172519 for the 64-bit version of Outlook 2013</a></li></ul></td></tr></tbody></table><h2>More Information</h2><h3>Security update replacement information</h3><p>This security update replaces previously released security update <a bookmark-id="" data-content-id="" data-content-type="" href="http://support.microsoft.com/kb/3118280" managed-link="" target="">KB3118280</a>.</p><h3>File hash information</h3><table class="table"><tbody><tr><th>Package Name</th><th>Package Hash SHA 1</th><th>Package Hash SHA 2</th></tr><tr><td>outlook2013-kb3172519-fullfile-x86-glb.exe</td><td>EC8AD48B3E65984BCFB86213D3F374E32D489897</td><td>2449DF4B22F042727D5D70B80492F3770EF74E4406C0909D39BD06AF2CA694EF</td></tr><tr><td>outlook2013-kb3172519-fullfile-x64-glb.exe</td><td>3884596C94EEA6FA4C8DBC0F441FC534349C1145</td><td>28A0E8034E52190F4237198F098948CB99D3BE0012AC570575212C7F3FE5E865</td></tr></tbody></table><h3>File information</h3><p>For the list of files that cumulative update KB3172519 contains, download the <a data-content-id="" data-content-type="" href="http://download.microsoft.com/download/C/E/5/CE568E5D-6DBD-449E-A022-300319C65B1D/3172519.csv" managed-link="" target="_blank">file information for the x86-based update KB3172519</a> and <a href="http://download.microsoft.com/download/C/E/5/CE568E5D-6DBD-449E-A022-300319C65B1D/3172519 x64.csv" managed-link="" target="_blank">file information for the x64-based update KB3172519</a>.</p><h2></h2><h3>How to get help and support for this security update</h3><table class="faq-section" faq-section=""><tbody class="faq-panel"><tr><td faq-panel-body=""><p><span><span><span>Help for installing updates: </span></span></span><a href="https://support.microsoft.com/en-us/help/12373/windows-update-faq"><span><span><u>Windows Update FAQ</u></span></span></a><span><span><span><br/><br/>Security solutions for IT professionals: </span></span></span><a href="https://technet.microsoft.com/security/bb980617.aspx"><span><span><u>Security Support and Troubleshooting</u></span></span></a><span><span><span><br/><br/>Help for protecting your Windows-based computer from viruses and malware: </span></span></span><a href="https://support.microsoft.com/contactus/cu_sc_virsec_master"><span><span><u>Windows Secure</u></span></span></a><span><span><span><br/><br/>Local support according to your country: </span></span></span><a href="http://support.microsoft.com/"><span><span><u>International Support</u></span></span></a></p><p><span><span><span><span>Propose a feature or provide feedback on Office Core: </span></span></span></span><a href="https://office.uservoice.com/"><span><span><span><u>Office User Voice portal</u></span></span></span></a></p></td></tr></tbody></table></body></html>