Microsoft pulled back three patches it just sent out for Outlook vulnerabilities.
Users voiced concerns over problems they were encountering with KB4011042, KB3191849, and KB3213654 in late June when they discovered Outlook 2010, 2013, and 2016, respectively, were crashing after installing the patches.
The goal of the updates was to address issues experienced with attachments that had ellipsis or an exclamation mark in their file names. The problem was it led to unexpected crashes when an email with an attachment ended up clicked. The KB page of each of the three updates now displays a note telling users about the company’s decision to pull them.
“Update 4011042 for Microsoft Outlook 2010 that was released on July 5, 2017, is not currently available. This article will be updated as soon as the update is available again,” it reads.
Microsoft did confirm the updates caused a crash impacting the latest 3 versions of the Outlook client.
“A new update for 32-bit Outlook 2010 is under development and will be posted in this article when it becomes available. The original download package for the 32-bit version was removed from the Download Center after a problem was discovered that could cause Outlook to crash when you preview messages that have attachments. If you already downloaded and installed the 32-bit update, we recommend that you remove it until a new version is available,” Microsoft said.
Users should remove the update as soon as possible, but the removal does have to end up conducted manually because Microsoft does not provide an automatic patch removal tool.
The crashes are being experienced on all versions of Windows, including Windows 7, 8.1, and 10, in either x86 or x64 editions.