Security update KB4484497 for Outlook blocks macros

[German]Microsoft  released security update KB4484497 for Outlook 2010 on August 11, 2020. However, I got reports, that this security update blocks the execution of macros.


Advertising

Update KB4484497 foür Outlook 2010

Update KB4484497 was already released on August 11, 2020 as part of the patchday. This security update resolves a remote code execution vulnerability in Microsoft Outlook 2010 that exists because software does not properly process objects in memory. This update also fixes a vulnerability related to information disclosure that occurs when files are attached to Outlook messages. For more information about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2020-1483 and Microsoft Common Vulnerabilities and Exposures CVE-2020-1493.  I mentioned the update for Outlook 2010 in the blog post Patchday Microsoft Office Updates (August 11, 2020) .

Update KB4484497 blocks Macros

I received this German comment from blog reader Mornsgrans (thanks). He mentioned issues, because this update blocks the execution of macros. He writes:

After installation of KB4484497 self-signed macros do not work anymore at least in Outlook 2010 and 2019. With the latter, the same KB will probably have the same effect.

This KB is supposed to close the vulnerability CVE-2020-1483. As usual the programmers block legal tools permanently:

Macro is called – nothing happens.

If I call Developer Tools – Visual Basic and try to execute the macro in the editor, I get this message:
"The macros in this project are disabled. For information on how to enable macros, see the online help or documentation for the host application."

The only issue is that

– the help is no help and brings nothing to the topic
– Microsoft apparently has no current guidance on this
– in the security settings of Outlook the signed macros are activated and the certificate is valid.

Once again I have no choice but to uninstall the security update from all computers.

In the Windows 10 forum there is this post (possibly from the same user who also reports these problems. There were also the updates KB4484486 for Outlook 2013 and KB4484486 for Outlook 2016 for the patchday. Question in the round: Anyone else who can confirm this behavior?


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in issue, Office, Security, Update and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *