Microsoft Office Updates (February 13, 2024)

Update[German]On February 13, 2024 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016 and other products. A critical vulnerability in Outlook will be closed in February 2024. Below you will find an overview of the available updates.


Advertising

An overview of the updates can be found on this website (and here for this month). Details are documented in the linked KB articles. The updates are available for the installable MSI version of Microsoft Office (the click-to-run packages receive the updates via other channels). Office 2019/2021 does not appear in the list as it is distributed via Click-to-Run packages and receives security updates via the Office Update feature.

Patches are important this month as there is a critical RCE vulnerability in Outlook (see Warning about critical Outlook RCE vulnerability CVE-2024-21413).

Office 2016

The following security updates have been released for Office 2016

  • Excel 2016: KB5002536; If KB5002457 is installed (but not together with KB5002498), a cross-update dependency is introduced that prevents Office applications from starting. This update removes the dependency and allows the applications to start even if both updates are not installed. However, both updates should be installed to fix the original security issue.
  • Office 2016: KB5002467; Closes the RCE vulnerabilities CVE-2024-20673 and CVE-2024-21413.
  • Office 2016: KB5002469; Closes the RCE vulnerabiliy CVE-2024-20673.
  • Office 2016: KB5002519; Closes the RCE vulnerabiliy CVE-2024-21413.
  • Office 2016: KB5002522; Closes the RCE vulnerabiliy CVE-2024-20673 und CVE-2024-21413.
  • Office 2016: KB5002537; Closes the RCE vulnerabilities CVE-2024-20673 and CVE-2024-21413.
  • Outlook 2016: KB5002543; Closes the RCE vulnerability CVE-2024-21378.
  • PowerPoint 2016: KB5002495; Closes the RCE vulnerability CVE-2024-20673. If KB5002457 is installed (but not together with KB5002498), a cross-update dependency is introduced that prevents Office applications from starting. This update removes the dependency and allows the applications to start even if both updates are not installed. However, both updates should be installed to fix the original security issue.
  • Project 2016: KB5002530; If KB5002457 is installed (but not together with KB5002498), a cross-update dependency is introduced that prevents Office applications from starting. This update removes the dependency and allows the applications to start even if both updates are not installed. However, both updates should be installed to fix the original security issue.
  • Publisher 2016: KB5002492; Schließt die RCE-Schwachstelle CVE-2024-20673.
  • If KB5002457 is installed (but not together with KB5002498), a cross-update dependency is introduced that prevents Office applications from starting. This update removes the dependency and allows the applications to start even if both updates are not installed. However, both updates should be installed to fix the original security issue.
  • Skype for Business 2016: KB5002181; Closes the RCE vulnerability CVE-2024-20673.
  • Visio 2016: KB5002491: Schließt die RCE-Schwachstelle CVE-2024-20673.
  • If KB5002457 is installed (but not together with KB5002498), a cross-update dependency is introduced that prevents Office applications from starting. This update removes the dependency and allows the applications to start even if both updates are not installed. However, both updates should be installed to fix the original security issue.
  • Word 2016: KB5002542; Closes the RCE vulnerabilities CVE-2024-20673 and CVE-2024-21413.
  • If KB5002457 is installed (but not together with KB5002498), a cross-update dependency is introduced that prevents Office applications from starting. This update removes the dependency and allows the applications to start even if both updates are not installed. However, both updates should be installed to fix the original security issue.

Details on the Office updates can be found in the linked KB articles.

Further updates for Office/SharePoint Server

Microsoft has also released security updates for various versions of Microsoft SharePoint Server.

SharePoint Server subscription edition

  • SharePoint Server Subscription Edition: KB5002560

Microsoft SharePoint Server 2019

Similar articles:
Office: Project Update KB5002530 (February 6, 2024)
Microsoft Security Update Summary (February 13, 2024)
Patchday: Windows 10 Updates (February 13, 2024)
Patchday: Windows 11/Server 2022 Updates (February 13, 2024)
Windows 7/Server 2008 R2; Server 2012 R2: Updates (February 13, 2024)
Microsoft Office Updates (February 13, 2024)


Advertising

Exchange Server Cumulative Update CU 14 (February 13, 2024)
Warning about critical Outlook RCE vulnerability CVE-2024-21413


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Office, Security, Update and tagged , , , . Bookmark the permalink.

One Response to Microsoft Office Updates (February 13, 2024)

  1. reyhan says:

    thanks a lot of information

Leave a Reply

Your email address will not be published. Required fields are marked *