Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Microsoft Reissues Security Update Due to Outlook Crash

Microsoft has reissued one of the security patches released on Tuesday as part of its monthly update cycle after many customers complained that it caused the Outlook email client to crash.

Microsoft has reissued one of the security patches released on Tuesday as part of its monthly update cycle after many customers complained that it caused the Outlook email client to crash.

Windows users complained on Microsoft’s support forums and elsewhere that Outlook 2010 and 2013 had been crashing when viewing HTML emails. Experts determined that the culprit was KB3097877 on Windows 7 and in some cases possibly KB3105213 (cumulative update) on Windows 10.

KB3097877 is part of Microsoft’s MS15-115 critical bulletin, which resolves seven Windows vulnerabilities that can be exploited for remote code execution and to bypass security features. Microsoft released an updated version of the bulletin late on Wednesday to address the Outlook crash issue.

“[MS15-115] bulletin revised to inform customers running Windows 7 that the 3097877 update has been re-released to address an issue that caused crashes for some customers when they viewed certain emails. Customers who previously installed update 3097877 should reinstall the update to correct this known issue,” Microsoft said.

System administrators said the buggy update had caused problems on tens and even hundreds of their machines.

Most of the affected users who went to Microsoft’s TechNet forum to complain confirmed that removing KB3097877 fixes the issue on Windows 7. Some have also confirmed that the reissued update no longer causes Outlook to crash.

The tech giant released a total of 12 security bulletins on Tuesday, four of which have been classified as “critical.” The updates patch 49 vulnerabilities, more than 30 of which are critical.

Advertisement. Scroll to continue reading.

One of the flaws patched with MS15-115 has been publicly disclosed, but none of them have been exploited in the wild, Microsoft said.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Artificial Intelligence

Two new surveys stress the need for automation and AI – but one survey raises the additional specter of the growing use of bring...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...