Microsoft fixes Outlook bug from December 2023 updates

[German]An update for Office 365 from December 12, 2023 previously startled Outlook users with a security warning when they tried to open a calendar file (.ics). Microsoft has now fixed this issue so that the security warning from calendar files (.ics) should no longer appear. The fix is currently tested in beta channel and will be shipped soon.


Advertising

What is the issue?

A user described in the Microsoft Answers forum in the post How can I avoid Outlook's security warning on a .ics file? that he receives the following warning when opening calendar files (.ics) with appointment entries for a calendar in Outlook under Windows.

Outlook ics security notice

Outlook generates the security warning and writes in a dialog box that Microsoft Office has detected a potential security problem because the path from which the .ics file was loaded is insecure. The behavior was triggered by a security update for Office on December 12, 2023, where a vulnerability was closed. Information on this vulnerability can be found under CVE-2023-35636. I reported this issue in February 2024 in the blog post Outlook: Update from December 2023 triggers .ics security warning.

Microsoft plans a fix

However, Microsoft now seems to be working on a fix for this behavior, as the colleagues from Bleeping Computer write. Microsoft is currently testing a fix for the above issue with Outlook for Microsoft 365 version 2404 build 17531.20000. This build is currently being tested in the beta channel for Office Insiders.

For users who are in the monthly channel for Microsoft 365, Microsoft expects to deploy the fix on April 30, 2024. Microsoft 365 users who are enrolled in the semi-annual channel are expected to receive the update with the fix on Patch Tuesday on June 11, 2024. According to Bleeping Computer, the fix for the Semi-Annual Enterprise Channel will be backported to version 2402.


Advertising

Administrators who want to immediately stop the warning when opening .ics files in Outlook can do so via registry interventions. However, these turn off all warning messages, the details can be found in the article by Bleeping Computer.


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in issue, Office and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *