On February 13, 2024, Microsoft disclosed a critical vulnerability impacting Microsoft Outlook (CVE-2024-21413), which affects various versions of Microsoft Office including Microsoft Office LTSC 2021, Microsoft 365 Apps for Enterprise, Microsoft Outlook 2016, and Microsoft Office 2019 (under extended support).

What is a vulnerability?

A vulnerability is a weakness that can be exploited by cybercriminals to gain unauthorized access to a computer system. After exploiting a vulnerability, a cyberattack can run malicious code, install software, and steal sensitive data.

 

Protecting your systems and applications from vulnerabilities protects both Queen’s and your personal data from the risk of cyberattack.

What do I need to do?

To safeguard your systems and applications against potential vulnerabilities, promptly update to the most recent version of Microsoft Office.

To get started, check your version of Office. For instructions, refer to "What version of Office am I using? " to identify your current version.

A screenshot of the settings menu in Microsoft Outlook

If your version of Office is not at the most recent version of Microsoft Office, proceed to update your Office applications. Check out Microsoft’s instructions for updating your applications based on your operating system, select the article depending on your operating system, and follow the steps for “Newer versions of Office" as indicated in the image below:

A screenshot of the Microsoft website outlining the steps to take to update software.

 

I am unable to install updates for my applications.

If the option to update is missing, or if you are unable to install the most recent version of Office applications on your device, please contact the IT Support Centre by filling out an Online Help Form or by calling (613) 533-6666 during regular business hours.