Microsoft’s desktop email client Outlook has stopped working worldwide for countless users, whether they are using it with an on-premises Exchange server or with the Office 365 cloud. Register readers reckon yesterday’s July Patch Tuesday update for the desktop software is today causing the client to crash with 0xc0000005 errors when run. “Microsoft has borked
Microsoft’s desktop email client Outlook has stopped working worldwide for countless users, whether they are using it with an on-premises Exchange server or with the Office 365 cloud.
Register readers reckon yesterday’s July Patch Tuesday update for the desktop software is today causing the client to crash with
0xc0000005 errors when run. “Microsoft has borked Outlook. If you update it to the latest update, it doesn’t work,” one tipster told us. “Thousands of users worldwide are now experiencing this.”
It appears Outlook 2019 and 2016 are affected, whether they are using a cloud-hosted Office 365 service, Outlook.com, or on-prem Exchange. Monitoring at DownDetector shows that, indeed, America and Europe, at least, are experiencing failures right now, starting around 9am PT (1600 UTC).
Microsoft did not immediately respond to a request for comment, though the official Microsoft 365 cloud status Twitter feed acknowledged the breakdown, and pointed toward the July update as a possible cause for the borkage:
We’re investigating whether a recently deployed update could be the source of this issue. As a workaround, users can utilize Outlook on the web or their mobile clients. Additional details can be found in the admin center under EX218604 and OL218603.
— Microsoft 365 Status (@MSFT365Status) July 15, 2020
As you can see, we’re told the web and mobile Outlook clients are not affected, and that Redmond’s engineers are on the case. On its Office 365 status page, Microsoft warned as we published this story that it may take another couple of hours to correct the blunder, for Outlook.com users at least:
Folks who want to avoid the crashes are unofficially advised to roll back their Outlook installations to a known-working June 24 version, and this can be done via the Windows command line:
cd “Program FilesCommon Filesmicrosoft sharedClickToRun” officec2rclient.exe /update user updatetoversion=16.0.12827.20470
Unfortunately for users and admins, yesterday’s Patch Tuesday update from Microsoft was a pretty significant one, delivering 123 bug fixes. For Outlook in particular, the patches cleaned up CVE-2020-1349, a remote-code-execution flaw involving memory corruption. The bug was particularly nasty, as an exploit does not require much in the way of user interaction.
“What sets this vulnerability apart is the fact that just viewing the email in the Preview Pane is enough to trigger the bug,” said Dustin Childs of the Trend Micro Zero Day Initiative.
So, at the moment, if it is the July security update causing the crashes, and if the roll-back undoes the CVE-2020-1349 patch, users and admins must decide between using an insecure email client, or no email client at all until Microsoft fixes the glitch. For what it’s worth, we’ve yet to see any in-the-wild exploits for the bug. ®