MS16-107: Description of the security update for Outlook 2013: September 13, 2016
This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-107
To apply this security update, you must have the release version of Service Pack 1 for Microsoft Office 2013
installed on the computer.
For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article KB3185852
This security update contains improvements and fixes for the following nonsecurity issues:
- Enable the DialogAPI 1.1 requirement that is set in Office 2013 applications and the Mailbox 1.4 requirement that is set in Outlook 2013.
- Translate some terms in multiple languages to make sure that the meaning is accurate.
- Assume that you disable read receipt functionality in Outlook 2013. When you receive email messages that have a requested SMIME receipt, local copies of email messages bloat the Versions folder on the server that is running Exchange.
- When you forward IRM email messages, the content is attached as an .msg attachment instead of being inserted into the message body in the new email message.
- A non-default Retention policy that is applied to shared mailboxes in Outlook does not apply to subfolders that are created in those mailboxes by any user who has permissions to that mailbox in Cached Exchange mode. This causes messages that are moved to those subfolders to inherit the parent folder's retention policy and not honor the policy set by the user. Therefore, the message can be deleted during the wrong period.
- When you move a junk email message from the Junk E-Mail folder, and you try to download the email message again in Outlook 2013, the email message is moved to the Junk E-Mail folder again.
- When you use a meeting request in Outlook 2013, Outlook crashes randomly.
Method 1: Microsoft Update
This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the "Turn on automatic updating in Control Panel" section of this Safety & Security Center article
Method 2: Microsoft Update Catalog
Method 3: Microsoft Download Center
You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.
Security update deployment information
For deployment information about this update, see Microsoft Knowledge Base article KB3185852
Security update replacement information
This security update doesn't replace any previously released update.
File hash information
|Package name||Package hash SHA 1||Package hash SHA 2|
The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.ERROR: PhantomJS timeout occurred