KB5001990 security update for Outlook 2013

KB5001990 is the latest security update for Microsoft Outlook 2013 Service Pack 1 and Microsoft Outlook 2013 RT Service Pack 1. It was released on 9th August 2022 as part of the Microsoft ‘Patch Tuesday’ project. The security update seeks to resolve a vulnerability on the Microsoft Outlook. We look at the key aspects of KB5001990 for Microsoft Outlook below.

Salient points about KB5001990 for Microsoft Outlook 2013

KB5001990 is a standalone security update for Microsoft Outlook 2013 Service Pack 1.
KB5001990 supersedes KB5001934 security update. KB5001934 was released in June 2021.
KB5001990 has been released in the form of separate files for 32 bit and 64 bit systems.
You can apply KB5001990 as an executable hotfix. Or, you could choose to use the MSU update file to deploy on Microsoft Outlook installations.
KB5001990 resolves the ‘Denial of Service’ vulnerability on Microsoft Outlook 2013 Service Pack 1. The vulnerability details are shared below.
The size of MSU update file for 64 bit systems is 90.2 MB; the size of MSU update file for 32 bit systems in 86.8 MB.

Vulnerability resolved in KB5001990 for Microsoft Outlook 2013 Service Pack 1

KB5001990 is a standalone security update that resolves a ‘Denial of Service’ vulnerability. Details of the vulnerability are shared below.

CVE-2000-35742 – Microsoft Outlook Denial of Service Vulnerability

This is a CVSS 7.5 vulnerability with ‘Important’ severity.
The vulnerability could cause a ‘Denial of Service’ attack on the target machine.

The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the email server. This could lead to a denial of service BEFORE the email is viewed in the Preview Pane.

This vulnerability has been fully patched in KB5001990 for Microsoft Outlook 2013 Service Pack 1 and Microsoft Outlook 2013 RT Service Pack 1.

How can I deploy KB5001990 on Microsoft Outlook 2013 Service Pack 1?

KB5001990 can be deployed automatically or manually as per the methods shared below.

KB5001990 will be automatically applied if automatic updates are enabled through the ‘Microsoft Update’ program.
KB5001990 can be downloaded as an executable file from the Microsoft Download Center.
KB5001990 executable file for 32 bit systems can be downloaded from this page on the Microsoft Download Center.
KB5001990 executable file for 64 bit systems can be downloaded from this page on the Microsoft Download Center.
You can also download the security update KB5001990 for Microsoft Outlook 2013 from the Microsoft Update Catalog page. The MSU update files for 32 bit edition or 64 bit edition of Microsoft Outlook 2013 can be downloaded from this page on the Microsoft Update Catalog.

KB5002051 Security Update for Microsoft Outlook 2016

KB5002051 is the latest security update for Microsoft Outlook 2016. It was released on 9th August 2022 as part of the ‘Microsoft Patch Tuesday’ program. The security update is intended ti resolve a ‘Denial of Service’ vulnerability on Microsoft Outlook 2016. We look at some key points of the security update KB5002051 for Microsoft Outlook 2016.

Salient points about KB5002051 for Microsoft Outlook 2016

KB5002051 is a standalone security update for Microsoft Outlook 2016.
KB5002051 supersedes KB5001942. KB5001942 was released in June 2021.
KB5002051 resolves a ‘Denial of Service’ vulnerability that is being tracked under CVE-2022-35742.
KB5002051 has been released as separate files for 32 bit and 64 bit editions of Microsoft Outlook 2016.
The MSU update for 64 bit Microsoft Outlook 2016 is 94.5 MB.
The MSU update for 32 bit Microsoft Outlook 2016 is 89.5 MB.
This security update may cause a system restart.

Vulnerability resolved in KB5002051 for Microsoft Outlook 2016

KB5002051 resolves a single ‘Denial of Service’ vulnerability on Microsoft Outlook 2016. The details of this vulnerability are listed below in brief:

CVE-2000-35742 – Microsoft Outlook Denial of Service Vulnerability

This is a CVSS 7.5 vulnerability with ‘Important’ severity.
The vulnerability could cause a ‘Denial of Service’ attack on the target machine.

How can I deploy KB5002051 on Microsoft Outlook 2016 installation?

KB5002051 can be deployed through all the regular methods. We list all the methods available to you for patching Microsoft Outlook 2016 with KB5002051.

KB5002051 will be automatically deployed on Microsoft Outlook 2016 installations if automatic updates are enabled.
KB5002051 can be downloaded as an executable file from the Microsoft Download Center.
The 32 bit executable file for KB5002051 can be downloaded from the Microsoft Download Center page.
The 64 bit executable file for KB5002051 can be downloaded from the Microsoft Download Center page here.
You can also download KB5002051 from the Microsoft Update Catalog site. To download KB5002051 as a MSU file, you can visit the KB5002051 page on Microsoft Update Catalog page. There are separate files for 32 bit and 64 bit installations of Microsoft Outlook 2016.

KB5002051 may lead to system restart. So, please plan a change windows or maintenance window accordingly.

Summary

KB5001990 is a standalone security update for Microsoft Outlook 2013 Service Pack 1 that patches ‘Denial of Service’ vulnerability CVE-2022-35742. This security update supersedes previous standalone security update KB5001934 that was released in June 2021.

KB5002051 is a standalone security update for Microsoft Outlook 2016. It supersedes KB5001942 security update that was released in June 2021. The security update resolves the vulnerability CVE-2022-35742.

You may also like to read more content about security updates released by Microsoft in August 2022 below:

–

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.