Summary
This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0106 and Microsoft Common Vulnerabilities and Exposures CVE-2017-0204.Note To apply this security update, you must have the release version of Service Pack 1 for Microsoft Office 2013 installed on the computer.
Improvements and fixes
This security update contains improvements and fixes for the following nonsecurity issues:
-
Increases the number of retries when trying to connect to a host in Microsoft Outlook 2013. By default, WinHTTP will try six IP addresses (one initial attempt and five retries) when trying to establish a connection to a host. If Outlook 2013 tries to attempt more than six IP addresses, the connection will fail. This is particularly problematic on networks that have intermittent IPv6 connectivity problems. Increasing the number of retries may allow the connection to succeed with IPv4 addresses. To enable this feature, see KB3178716 for more information.
-
Resolves an issue in which your email address is added to the To field when you "reply all" to an email message of an Outlook.com account.
-
If an Object Model call gets the conversation index of some items in Outlook 2013, Outlook will no longer crash.
-
If an appointment is modified by an add-in by calling body.setAsync, the appointment body that is sent will no longer be blank.
-
When you forward and an email message that contains attachments in Outlook 2013 and you add attachments, the attachments in the email message will no longer be swapped and become corrupted.
Known issues in this security update
After you install this security update, when you use the Quick Print feature in Outlook to print emails that contain attachments, you receive an error stating the attached files cannot be found.
For more information, go to the following article in the Microsoft Knowledge Base:
Deployment information
For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
How to get and install the update
Method 1: Microsoft Update
|
This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ. |
Method 2: Microsoft Update Catalog
|
To get the stand-alone package for this update, go to the Microsoft Update Catalog website. |
Method 3: Microsoft Download Center
|
You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update. |
More Information
Security update replacement information
This security update replaces previously released security update KB3118280.
File hash information
|
Package Name |
Package Hash SHA 1 |
Package Hash SHA 2 |
|---|---|---|
|
outlook2013-kb3172519-fullfile-x86-glb.exe |
EC8AD48B3E65984BCFB86213D3F374E32D489897 |
2449DF4B22F042727D5D70B80492F3770EF74E4406C0909D39BD06AF2CA694EF |
|
outlook2013-kb3172519-fullfile-x64-glb.exe |
3884596C94EEA6FA4C8DBC0F441FC534349C1145 |
28A0E8034E52190F4237198F098948CB99D3BE0012AC570575212C7F3FE5E865 |
File information
For the list of files that cumulative update KB3172519 contains, download the file information for the x86-based update KB3172519 and file information for the x64-based update KB3172519.
How to get help and support for this security update
|
Help for installing updates: Windows Update FAQ Security solutions for IT professionals: Security Support and Troubleshooting Help for protecting your Windows-based computer from viruses and malware: Windows Secure Local support according to your country: International Support Propose a feature or provide feedback on Office Core: Office User Voice portal |
