Microsoft October 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Patch Tuesday

Today is the October 2018 Patch Tuesday, which means a boatload of security updates are out for Microsoft products including Windows, Office, and Exchange Server. These updates fix known bugs and security vulnerabilities found within Microsoft’s products.

This article will cover the security updates released today as part of the October 2018 Patch Tuesday. These updates resolve 50 known vulnerabilities in Microsoft’s products, with 12 of them being labeled as critical.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB4464330, KB4462919 and KB4462918 Cumulative Updates and the Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4462923 & KB4462926.

Critical Vulnerabilities fixed in the October 2018 Patch Tuesday updates

This Patch Tuesday fixes 12 Critical security vulnerabilities that when exploited could lead to code execution. These vulnerabilities are the most dangerous as if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.

CVE-2018-8473 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8460 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8489 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8490 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8491 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8494 – MS XML Remote Code Execution Vulnerability is a remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.

CVE-2018-8500 – Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8505 – Chakra Scripting Engine Memory Corruption Vulnerabilityis a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8509 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8510 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8511 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8513 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

The October 2018 Patch Tuesday Security Updates

Below is the full list of vulnerabilities resolved by the October 2018 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

Tag CVE ID CVE Title
Azure CVE-2018-8531 Azure IoT Device Client SDK Memory Corruption Vulnerability
Device Guard CVE-2018-8492 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8460 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8491 Internet Explorer Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8473 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8512 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8530 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8509 Microsoft Edge Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2010-3190 MFC Insecure Library Loading Vulnerability
Microsoft Exchange Server CVE-2018-8448 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2018-8265 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8486 DirectX Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8484 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8453 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8472 Windows GDI Information Disclosure Vulnerability
Microsoft JET Database Engine CVE-2018-8423 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office ADV180026 Microsoft Office Defense in Depth Update
Microsoft Office CVE-2018-8501 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8427 Microsoft Graphics Components Information Disclosure Vulnerability
Microsoft Office CVE-2018-8504 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8502 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8432 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2018-8498 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8480 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8488 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8518 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Scripting Engine CVE-2018-8511 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8500 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8505 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8503 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8510 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8513 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8411 NTFS Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8333 Microsoft Filter Manager Elevation Of Privilege Vulnerability
Microsoft Windows CVE-2018-8493 Windows TCP/IP Information Disclosure Vulnerability
Microsoft Windows CVE-2018-8506 Microsoft Windows Codecs Library Information Disclosure Vulnerability
Microsoft Windows DNS CVE-2018-8320 Windows DNS Security Feature Bypass Vulnerability
Microsoft XML Core Services CVE-2018-8494 MS XML Remote Code Execution Vulnerability
SQL Server CVE-2018-8527 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8532 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8533 SQL Server Management Studio Information Disclosure Vulnerability
Windows – Linux CVE-2018-8329 Linux On Windows Elevation Of Privilege Vulnerability
Windows Hyper-V CVE-2018-8489 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8490 Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel CVE-2018-8330 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8497 Windows Kernel Elevation of Privilege Vulnerability
Windows Media Player CVE-2018-8482 Windows Media Player Information Disclosure Vulnerability
Windows Media Player CVE-2018-8481 Windows Media Player Information Disclosure Vulnerability
Windows Shell CVE-2018-8413 Windows Theme API Remote Code Execution Vulnerability
Windows Shell CVE-2018-8495 Windows Shell Remote Code Execution Vulnerability

Related:

  • No Related Posts

Microsoft Windows Security Updates August 2018 release overview

Microsoft released security updates for Windows, Office, and other company products on the August 2018 Patch Tuesday (Update Tuesday).

Last month’s Patch Day was not the the smoothest of them all as it had issues that affected all supported versions of Windows. Microsoft released three cumulative updates for Windows 10, one designed solely to fix issues caused by another. The Windows 7 and Windows 8.1 updates had bugs, and the .Net Framework patches caused issues on some systems they were installed on.

We recommend to wait with the installation of the updates for at least a couple of days to monitor reports about issues. If you have to install the updates, make sure you back up the system before you do so.

The overview covers updates for client and server versions of Windows, Microsoft Office, and other company products. It links to security advisories and support pages, lists direct downloads, and other information that is important for home users and system administrators alike.

Microsoft Windows Security Updates August 2018

You can download an Excel spreadsheet that contains all security updates that Microsoft released today. Just click on the following link to download it: microsoft-windows-august-2018-updates.zip

Executive Summary

  • Microsoft released updates for all versions of Windows, Microsoft Edge, Internet Explorer Microsoft Office, and other company products including Visual Studio, .NET Framework, Microsoft SQL Server, Microsoft Exchange Server, and Adobe Flash Player.
  • All client and server versions of Windows are affected by critical vulnerabilities.
  • Microsoft does not provide a general overview of resolved security issues anymore on support pages.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which 3 are critical and 12 are important.
  • Windows 8.1: 12 vulnerabilities of which 2 are critical and 10 are important.
  • Windows 10 version 1607: 21 vulnerabilities of which 2 are critical and 17 are important.
  • Windows 10 version 1703: 21 vulnerabilities of which 3 are critical and 18 are important.
  • Windows 10 version 1709: 22 vulnerabilities of which 3 are critical and 19 are important.
  • Windows 10 version 1803: 21 vulnerabilities of which 3 are critical and 18 are important.

Windows Server products

  • Windows Server 2008 R2: 15 vulnerabilities of which 3 are critical and 12 are important.
  • Windows Server 2012 R2: 13 vulnerabilities of which 2 are critical and 10 are important.
  • Windows Server 2016: 20 vulnerabilities of which 2 are critical and 18 are important.

Other Microsoft Products

  • Internet Explorer 11: 11 vulnerabilities, 6 critical, 5 important
  • Microsoft Edge: 16 vulnerabilities, 10 critical, 5 important, 1 low

Windows Security Updates

KB4343909 — Windows 10 version 1803

  • Protection against a new speculative execution side-channel vulnerability known as L2 Terminal Fault affecting Intel Copre and Intel Xeon processors.
  • Fixed high CPU usage issue for AMD Family processors of the 15th and 16th generation after installing the June or July 2018 updates from Microsoft and microcode updates.
  • Fixed an issue that prevent apps from receiving mesh updates.
  • IE and Edge support the preload=”none” tag.
  • Fixed authentication issue for apps running on HoloLens.
  • Addressed a battery life issue that reduced battery significantly after the upgrade to version 1803.
  • Fixed Device Guard blocking some ieframe.dll class IDs after the May 2018 update.
  • Addressed a vulnerability related to Export-Modulemember() function.

KB4343897 — Windows 10 version 1709

  • Similar to Windows 10 version 1803.
  • Fixed copy adding additional spaces to content copied from IE.
  • Fixed AzureAD being displayed as the default domain after the July 24, 2018 updates.
  • Token Binding protocol draft updated to 0.16

KB4343885 — Windows 10 version 1703

  • Similar to Windows 10 version 1803.
  • Fixed a issue that caused Internet Explorer to stop working on some sites.

KB4343887 — Windows 10 version 1607 and Server 2016

  • Similar to Windows 10 version 1703.

KB4343898 — Windows 8.1 Monthly Rollup Update

  • Protections against L1 Terminal Fault as in the Windows 10 updates
  • Support for preload=”none” tag. Microsoft lists Edge but that is a copy/paste error.
  • Fixed device startup issue by installing KB3033055 released in September 2015 after installing any November 2017 or later update.

KB4343888 — Windows 8.1 Security-only

  • Protections against L1 Terminal Fault as in the Windows 10 updates

KB4343900 — Windows 7 SP1 Monthly Rollup Update

  • Protections against L1 Terminal Fault as in the Windows 10 updates
  • Fixed high cpu usage issue for some AMD processors after installing June or July 2018 updates and AMD microcode updates.
  • Protections against Lazy Floating Point (FP) State Restore for 32-bit versions.

KB4343899 — Windows 7 SP1 Security-only

  • Identical to KB4343900

KB4343205 — Cumulative Update for Internet Explorer

KB4338380 — Windows Server 2008 — An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.

KB4340937 — Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — A remote code execution vulnerability exists in “Microsoft COM for Windows” when it fails to properly handle serialized objects.

KB4340939 — Windows Server 2008 — A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.

KB4341832 — Windows Server 2008 — L1TF variant vulnerabilities update.

KB4343674 — Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — fixes remote code execution vulnerability and information disclosure vulnerability in GDI.

KB4343902 — Security update for Adobe Flash Player

KB4344104 — Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — Remote code execution vulnerability in the Windows font library.

KB4344159 — Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4344180 — Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009

KB4345590 –Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4345591 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4345592 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4345593 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4345679 — Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4345680 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4345681 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4345682 — Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

Notes

The following CVEs have FAQs that offer additional information and may also list additional steps required to update.

Known Issues

Windows 10 version 1803

Windows 10 version 1703

  • Issues caused by the July 2018 Net Framework update — Microsoft is working on a solution.

Windows 10 version 1709

  • Localization issues for some languages that may display a few strings in English and not the local version.

Windows 7 SP1

  • Issue with third-party software related to missing oem<number>.inf file still exists.

Microsoft Exchange Server 2013

  • Some files are not properly update when the updates KB4340731 or KB4340733 are installed without elevated privileges. Outlook Web Access and Exchange Control Panel may stop working.

Security advisories and updates

ADV180017 — July 2018 Adobe Flash Security Update

ADV180018 — Microsoft Guidance to mitigate L1TF variant

ADV180020 — August 2018 Adobe Flash Security Update

ADV180021 | Microsoft Office Defense in Depth Update

Non-security related updates

KB4339284 — Time zone and DST changes in Windows for North Korea

KB4340689 — Dynamic Update for Windows 10 Version 1709

KB890830 — Windows Malicious Software Removal Tool – August 2018

KB4346877 — Update for Windows 10 version 1607 and Server 2016 — Fixes the .Net Framework update issues introduced by the July 2018 .Net updates.

KB4340917 — Update for Windows 10 version 1803 — See our coverage of KB4340917 here.

KB4338817 — Update for Windows 10 version 1709 — Lots of bug fixes.

KB4338827 — Update for Windows 10 version 1703 — Lots of bug fixes.

KB4338822 — Update for Windows 10 version 1607 and Server 2016 — Lots of bug fixes.

KB4345421 — Update for Windows 10 version 1803 — See our coverage of KB4345421 here.

KB4345420 — Update for Windows 10 version 1709 — attempts to fix issues caused by the July 2018 updates.

KB4345419 — Update for Windows 10 version 1703 — attempts to fix issues caused by the July 2018 updates.

KB4345418 — Update for Windows 10 version 1607 and Server 2016 — attempts to fix issues caused by the July 2018 updates.

Microsoft Office Updates

Check out our coverage of all released non-security updates for Office in August 2018 here.

Office 2016

KB4032233 — Security update for Office 2016 that patches an information disclosure vulnerability.

KB4032235 — Security update for Outlook 2016 detailed in ADV180021. Includes a number of improvements as well:

  • Restricts users from adding cloud files as attachments to digitally signed, rights-protected, or encrypted email messages.
  • Improves first, middle, and last names label translations in French.
  • Fixes a crash in third-party MAPI applications.
  • Adds various translations.
  • Outlook 2016 may start in offline mode even when you set it to start in online mode. (Fixed?)
  • Fixes accessibility issue with the Security Support Provider Interface authentication prompt.
  • Dynamic CRM functionality is blocked. See for help.

KB4032229 — Security update for Excel 2016 that resolves a remote code execution vulnerability. Also includes improvements:

  • Fixes hangs in Excel
  • Addresses high CPU usage when you unprotect workbookx in Protected View and edit them.
  • Fixes an Excel crash when you open a workbook with an XLL add-in to store and retrieve binary data.
  • German translation update for VLOOKUP function assistant help text.

Office 2013

KB4032239 — Resolves information disclosure vulnerability. Enables People Picker control in the Office Document Information Panel.

KB4032241 –Resolves various security vulnerabilities in Excel 2013.

KB4032240 — Fixes security issues in Outlook 2013. Includes the following improvements:

  • Same as KB4032235 for the most part.

Office 2010

KB3213636 — Fixes vulnerabilities in Microsoft Office 2010 – CVE-2018-8378.

KB4022198 — Fixes vulnerabilities in Microsoft Office 2010 – CVE-2018-8378.

KB4032223 — Excel 2010 update that addresses CVE-2018-8375, CVE-2018-8379 and CVE-2018-8382.

KB4018310 — PowerPoint 2010 security update that addresses CVE-2018-8376.

KB4032222 — Outlook 2010 security update. See ADV180021

Other Office products

KB4092433 — Word Viewer

KB4092434 — Word Viewer

KB4032213 — Excel Viewer 2007

KB4032212 — Microsoft Office Compatibility Pack Service Pack 3

KB4022195 – Microsoft Office Viewers and Office Compatibility Pack

Also: SharePoint Server 2016, 2013 and 2010.

How to download and install the August 2018 security updates

microsoft windows security updates august 2018

Most home PCs that run Windows use Windows Update for update checks, downloads, and installs. Organizations use Enterprise-specific update tools usually to download and deploy updates.

The Microsoft Update Catalog website offers a third-option to download and install updates.

Windows users who use Windows Update can run manual checks for updates to get updates installed immediately when they are released.

While it is recommended that you wait before you install updates, as updates may break things (and have numerous times in the past), you may do the following to install them when they are available:

  1. Tap on the Windows-key to display the Start menu.
  2. Type Windows Update and select the option.
  3. Select check for updates to install the updates.

Note: We recommend that you create a backup of the system partition and important data before you install Windows updates.

Direct update downloads

All cumulative updates for supported versions of Windows are also provided as direct downloads from Microsoft’s Download Center site.

Just click on the direct links below to do so.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4343900— 2018-08 Security Monthly Quality Rollup for Windows 7
  • KB4343899 — 2018-08 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4343898 — 2018-08 Security Monthly Quality Rollup for Windows 8.1
  • KB4343888 — 2018-08 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4343887 — 2018-08 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4343885 — 2018-08 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4343897 — 2018-08 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4343909 — 2018-08 Cumulative Update for Windows 10 Version 1709

Additional resources

Summary
Microsoft Windows Security Updates August 2018 release overview
Article Name
Microsoft Windows Security Updates August 2018 release overview
Description
Our overview of the Microsoft August 2018 Patch Day lists all updates released for Windows, Office, and other Microsoft products, and more.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo

Related:

  • No Related Posts

HOW TO: Ways to fix Outlook error ‘cannot open your default email folders’

Microsoft Outlook may be the most widely used email service around the globe, but users have come to accept the good with the very bad. Yes, Outlook offers an extensive and exclusive range of features as well as its friendly user experience. But there’s the flip side: User forums are filled with anger over errors that seem to have zero solutions. For this article, we will examine and hopefully resolve perhaps the most common Outlook error: “cannot open your default email folders.” This Outlook error mostly appears when you are trying to open your Outlook profile. It generally happens because of a corrupted OST file or the execution of Outlook in compatibility mode.

Why OST file corruption happens

OST files are the files that allow users to use Outlook while they are offline. It is actually a synchronized copied element of the accounts saved on your device that enables you to continue to use Outlook even when the program gets disconnected from MS Exchange Server.

These files can become corrupted because of various reasons. Some of the reasons are:

  • Deletion of any file or folder removed from Exchange folder.
  • Intrusion of any malware or virus.
  • Disruption in the file synchronization process due to sudden or abnormal shutdown failure.
  • Some internal discrepancies in Outlook causing abnormal Outlook termination.
  • Creation of some bad sectors in the hard drive where the OST file is stored.
  • Failure of any networking device that might disrupt the synchronizing process of the OST file.
  • Any changes in the internal structures of the OST file.
  • Installed plugins sometimes may damage Outlook performance, thus causing damage to the OST file.

Fixing OST file corruption

Here’s some ways to begin fixing the problem:

  1. Remove those profiles that are not being used from the address “Control Panel > Mail > Show profiles.”
  2. Create another copy of OST file.
  3. Even if the error doesn’t get resolved, create another new profile from while using Outlook Profile Helper or manually.

Outlook error caused by running in compatibility mode

Outlook Error
You might have witnessed these errors:

Cannot open your default email folders. Information store could not be opened,”

or

“Cannot start Microsoft Outlook. Cannot open the Outlook window. The server is not available. Contact your administrator if this condition persists.”

or

“Cannot display the folder. File access is denied. You do not have the permission required to access the file C:Usersusernamelocalsettingsapplication datamicrosoftoutlookoutlook.ost”

If you have enabled compatibility mode mistakenly, just disable it. If you haven’t, do not enable it for Outlook. Users typically enable it when they are required to run the troubleshoot compatibility wizard. Also, compatibility mode is not required for any version of Outlook on Vista or Windows 7 or any other Windows OS. This mode is also not needed for any application that is supported on any Windows OS or for recently released applications.

The user can switch off compatibility mode in a 64-bit operating system by following these easy steps:

  • Switch to the mentioned address “C:Program Files (x86)Microsoft OfficeOffice XXOutlook.exe”
  • Right-click on exe and then follow up by clicking on Properties then Compatibility tab.
  • Uncheck the checkbox called “Run this program in compatibility mode” box, thereafter click Apply and OK.

And in case, you are unable to place the Compatibility tab, follow the following steps:

  • Click on Startand search for Program Compatibility Troubleshooter.
  • Start Program Compatibility Troubleshooter; select Next option to proceed.
  • Select Outlook XX from the appeared list of programs. Following the steps of the Program Compatibility Troubleshooter.
  • Switch to the mentioned address “C:Program Files (x86)Microsoft OfficeOffice XXOutlook.exe”
  • Right-click on exe and then follow up by clicking on Properties then Compatibility tab.
  • Uncheck the checkbox called “Run this program in compatibility mode” box, thereafter click Apply and OK.

If this issue is experienced over an Exchange email account that is configured on your Outlook, you can diagnose the error by trying the following steps:

  1. If your program is executing along with a running Windows Server and/or over a firewall, then disable the firewall and then connect it with the server directly without any firewall.
  2. If this Outlook error gets resolved, then you will be required to reconfigure your firewall to allow Exchange to sync.
  3. And if the Outlook error still persists even after disabling the firewall, create a new mail profile from Outlook. You will also need to reconfigure your account.

Featured image: Shutterstock

Post Views: 78

Read Next

Related:

  • No Related Posts

FIX: Outlook error when sharing calendar in Windows 10

Do you get the Outlook error when sharing calendar? If you have Office 365 or any other Microsoft Exchange email service, Outlook can be used on the web to share your calendar with others in and outside of your organization.

Depending on the permissions given, others can only view your calendar, edit, or act as your delegate for meeting requests.

The Outlook error when sharing calendar can happen due to configuration or permission issues. Some users have reported that removing current permissions besides the Default and Anonymous resolves the issue.

However, if the error persists, repair Office from Control Panel, and if it fails, download and run the Microsoft Office Configuration Analyzer tool 2.2, which analyzes Office programs for known configurations that can cause issues.

If you don’t have the option to share your calendar (maybe it is grayed out), it can also be because your network admin or IT support set a policy preventing calendar sharing among people in the office.

Fortunately, there are ways to fix the Outlook error when sharing calendar as listed below.

Outlook won’t share calendar, how do I fix that?

  1. General fixes
  2. Check Permission settings
  3. Check for Duplicate entries

1. General fixes

  • Update Office suite to the latest version by going to Outlook>FILE>Office Account>Update Options>Update Now
  • Do an online repair for the Office programs
  • Also, if you are using an Office 365 account in your Outlook 2016, you can try sharing the calendar in Outlook Web App (OWA).
  • Launch the Run command and paste exe /safe in the open box to start Outlook in Safe Mode
  • Uncheck Cash mode in Outlook
  • Download Microsoft Support and Recovery Assistant for Office 365 and see if it helps

— RELATED: Fix Outlook error ‘Too many recipients’ on Windows 10

2. Check Permission settings

  • Open Outlook and go to Calendar view
  • Right click the calendar you’re trying to share
  • Click Properties
  • Go to Permissions tab and remove users who are no longer at the office or who cannot access the calendar
  • Click Apply and close the window then try to share your calendar again

3. Check for Duplicate entries

The Outlook error when sharing calendar may be related to a duplicate entry in the Permission list of your calendar. To check for this, do the following:

  • Right click user’s calendar
  • Select Properties
  • Click Permissions tab
  • Go through the users’ list and check for a duplicate entry
  • If you find, remove it and restart Outlook again
  • Share your calendar
  • Remove all entries and return them again
  • Right click the calendar you want to share
  • Select Properties
  • Make a note of the entries and then remove all entries in the calendar permission list
  • Add them back

Were you able to resolve the Outlook error when sharing calendar? Let us know in the comments section below.

RELATED STORIES TO CHECK OUT:

Related:

  • No Related Posts

Stung by a festering pile of bugs on Patch Tuesday, MS releases 27 more patches

In what is becoming a common occurrence, Microsoft’s Patch Tuesday brought along so many bugs that they necessitated a remediation round. This month, unusually, it took only six days to get the exterminators out.

Since these fixes are aimed at four specific bugs introduced on Patch Tuesday, they don’t include the massive patches normally appearing on the second Patch Whateverday of the month. My guess is we’ll see at least one more big set of Windows patches before the month is out. Oh, boy.

Windows July patches, version 2

Yesterday, Monday, July 16, Microsoft released 27 new security patches for Windows, bringing the total number of patches so far this month up to 156. The new patches fall into six separate groups:

  • Win10 version 1803 got cumulative update KB 4345421. The KB article says this update moves 1803 users to build 17134.166, but multiple sources say, in fact, they’re getting moved to 17134.167. That may seem like a small discrepancy, but it speaks volumes about last-minute changes in the build and the lack of coordination in the documentation.
  • Win10 1709 got KB 4345420. The KB article says it moves 1709 users to 16299.550, but the Win10 release info page says it’s 16299.551.
  • Win10 1703 got KB 4345419. The KB article says build 15063.1208. The audience says 15063.1209. Bzzzzzt.
  • Win10 1607 / Server 2016 got KB 4345418. The docs say 14393.2367. The guinea pigs say 14393.2368. And the crowd goes wild.
  • Win8.1 / Server 2012 R2 got a manual-download-only KB 4345424.
  • Win7 / Server 2008 R2 also got a manual-only patch, KB 4345459. We have one report that this patch breaks acquiring IP addresses over a wireless connection.

All six of the groups say they fix the same basic bugs. Er, issues. All of the acknowledged issues look like this:

Related:

  • No Related Posts

Microsoft Mends Critical Windows 10 Security Error Impacting Windows Defender

A horde of security update has been launched by Microsoft to rectify a serious remote execution susceptibility that mainly impacts the Windows Defender on platforms of Windows Server and Windows. The problem, logged as CVE2018-0986, subsists in Microsoft Malware Protection Engine also effects the Microsoft Forefront EndPoint Protection 2010, Windows Intune Endpoint Protection, Microsoft Security Essentials, and Microsoft Exchange Server 2016 & 2013.

Enterprise end-users and administrators will not need installing the updates manually as there are inbuilt tools to install the updates automatically within 48 Hours of their launch. The new updates are not a fraction of the monthly security update of Microsoft. Nevertheless, it strengthens security across a range of Windows platforms, comprising Windows Server 2012 and Windows 10.

While unfolding the susceptibility on its Security TechCenter, the company said, “An attacker who effectively subjugated this susceptibility can run arbitrary code in the LocalSystem account’s security context and take command of the system. An intruder can then set up programs; generate new accounts with complete user rights; or change, delete, or view data.”

Microsoft draws attention to that there are “several means” that a particularly crafted document can be positioned by the attacker. Furthermore, it can be conveyed through an email, an instant messenger message, website, or even via a website that host or allows user-provided material.

Microsoft notes, “If real-time scanning is not activated, the intruder would have to wait till a programmed scan happens in order for the susceptibility to be subjugated. All systems operating on an impacted antimalware software version are mainly at risk.”

The security updates fundamentally rectify the way in which the Microsoft Malware Protection Engine scans particularly created documents. Additionally, the susceptible Microsoft Malware Protection Engine variant 1.1.14600.4 has been upgraded to variant 1.1.14700.5.

Related:

  • No Related Posts

Microsoft Releases More Spectre/Meltdown Patches

It’s shaping up to be a relatively light patch load for administrators this month, with just 15 critical vulnerabilities to fix out of a total of 75.

The update round covered a pretty wide range of products as usual: including Internet Explorer (IE), Edge, ChakraCore, Microsoft Windows, Microsoft Office, Exchange and ASP.NET Core.

Two have been publicly disclosed, meaning that hackers may be exploiting them in the wild, although the bugs themselves are only rated “Important”. They are: CVE-2018-0940, affecting Microsoft Exchange Server 2010-2016 and CVE-2018-0808, which hit ASP.NET Core 2.0 systems.

“The Windows Kernel received a lot of attention this month, likely due to the ongoing attention on Meltdown and Spectre vulnerabilities. I stopped counting the CVEs after a dozen,” said Ivanti director of product management, security, Chris Goettl. “The good news is I did not see anything higher than an Important rating, but those are a lot of changes in the Kernel. Test the OS updates well this month.”

As regards Spectre and Meltdown, Microsoft has released patches for 32-bit versions of Windows 7 and 8.1, as well as Server 2008 and 2012.

All the critical updates fix problems in the browser, or browser-related technologies and should be dealt with first, claimed Qualys director of product management, Jimmy Graham.

He highlighted another “Important” vulnerability for special attention. CVE-2018-0886 affects security support protocol CredSSP, which is used to process authentication requests and could allow could allow an attacker with Man in the Middle capabilities to gain full access to a Remote Desktop Protocol (RDP) session.

“While CredSSP is used for other applications, the attack scenario mentioned by Microsoft involves Remote Desktop. The update covers both the CredSSP protocol used by the RDP server as well as the RDP clients,” he explained.

Group Policy settings must be enabled to ensure full mitigation of the vulnerability for RDP. Microsoft has also given a tentative timeline for additional updates. In April, new versions of the RDP client will be released to add better error messages, and in May an update will be released to prevent clients from connecting using insecure versions of CredSSP.”

Adobe also released patches for seven vulnerabilities.

Related:

  • No Related Posts

Microsoft confirms stalled downloads, bogus errors in Win10 FCU update KB 4054517

Microsoft has just fessed up to a couple of the known bugs in this month’s Win10 version 1709 cumulative update, KB 4054517 – in particular, the stall at 99% download, and the completely bogus warning that the patch had failed to install with error 0x80070643. Sadly, several other problems with KB 4054517 have not been acknowledged. Yet.

In addition, we have new mea culpas for the November Patch Tuesday security update for Excel 2016, KB 4011220, which throws a “Cannot run the macro” warning, and for this month’s Patch Tuesday security fix for Microsoft Exchange, KB 4045655.

As usual, I’m seeing reports thatMicrosoft tech support staff don’t know about the problems, haven’t read the KB articles, and are recommending that people re-install Windows.

The first problem in this month’s Win10 1709 cumulative update KB 40454517 is described as:

Related:

  • No Related Posts