This security update resolves vulnerabilities in Microsoft Office. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures ADV180021.
Note To apply this security update, you must have the release version of Outlook 2016 installed on the computer.
Be aware that the update that is available the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home (see Determining your Office version).
Improvements and fixes
- With this update installed, Microsoft Outlook 2016 restricts users from adding cloud files as attachments to digitally signed, rights-protected, or encrypted email messages. If you try to send such email messages, the email messages can't be sent, and a dialog box notifies you why it can't be sent. In this case, you would have to remove the attachments or attach the cloud files as a copy.
- Add translations in all languages for Outlook 2016 update that restrict the user from adding cloudy attachments to digitally signed, rights protected, or encrypted messages. (This is related to that issue that is described in the previous bullet.)
- This update improves translations of first, middle and last names labels in French to make sure that the meaning is accurate.
This update fixes a potential crash in third-party MAPI applications.
Outlook 2016 may still start in Offline mode even though you set it to start in Online mode.
Assume that you sign in to Outlook 2016 by using an account that doesn't use the modern authentication in Windows 10. The Security Support Provider Interface (SSPI) authentication prompt will sometimes appear behind other windows, and it is inaccessible by keyboard. See KB 4032226 for more information.
- Add translations in all languages for the client fix that addresses an issue where the authentication prompt would sometimes appear behind other windows and may be inaccessible to the user. (This is related to the issue that is described in the previous bullet.)
Dynamics CRM functionality is blocked unless you enable all roaming folder homepages by using the EnableRoamingFolderHomepages registry key that is documented in the following article:
How to get and install the update
Method 1: Microsoft Update
This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.
Method 2: Microsoft Update Catalog
To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
Method 3: Microsoft Download Center
You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.
Security update deployment information
For deployment information about this update, see security update deployment information: August 14, 2018.
Security update replacement information
This security update replaces previously released security update KB 4022160.
File hash information
|File name||SHA1 hash||SHA256 hash|
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.