Full Report
Microsoft has shared a workaround for a known issue that causes the classic Outlook email client to crash when opening or starting a new message. [...]
Analysis Summary
# Vulnerability: MS Forms Control Crash in Classic Outlook
## CVE Details
- CVE ID: Not explicitly mentioned in the text. This appears to be a stability/crash issue addressed via a temporary fix rather than a specific, assigned CVE detailing a security vulnerability.
- CVSS Score: N/A (Focus is on instability)
- CWE: N/A
## Affected Systems
- Products: Classic Outlook (Implied to be Classic vs. New Outlook context)
- Versions: Specific versions running the implicated MS Forms control (MS Forms2.dll). **Version 2505 (Build 18827.20128) is mentioned in relation to a separate shared mailbox issue, not explicitly this crash.**
- Configurations: Opening specific emails that trigger the crash related to the MS Forms control.
## Vulnerability Description
Microsoft is addressing crashes occurring in Classic Outlook when users attempt to open certain emails. The root cause is attributed to an issue with the embedded Microsoft Forms control, specifically **MS Forms2.dll**. The immediate issue seems related to an update or interaction involving this control.
*Note: The article references several other distinct Outlook issues (shared mailbox flickering, LTSC 2019 crashes, general writing/forwarding crashes, and M365/Server crashes), but the primary focus of the initial section is the crash upon opening emails due to the Forms control.*
## Exploitation
- Status: Not explicitly stated whether this is actively exploited, but described as a stability/crash scenario that requires a workaround.
- Complexity: Likely Low, if triggering the crash is as simple as opening a specially crafted email.
- Attack Vector: Likely Network, through receiving the malicious/problematic email.
## Impact
- Confidentiality: Unknown/Low (Focus is on stability)
- Integrity: Unknown/Low (Focus is on stability)
- Availability: High (Application crash leads to immediate unavailability of the client)
## Remediation
### Patches
- No specific security or stability patch version is explicitly linked to this particular crash scenario in the provided summary context. The text focuses on a temporary fix/workaround.
### Workarounds
**For the crash upon opening emails:**
1. Rename the Microsoft Forms control file located in `C:\Windows\System32\` from `FORMS2.dll` to `FORMS2.old`. (This is referred to as a temporary fix).
**For the separate Shared Mailbox Flicker issue (Affecting version 2505 Build 18827.20128 and later):**
1. Toggle off caching of the shared mailbox by disabling **Download Shared Folders**. (Warning: This may cause performance problems as Outlook will work with the shared mailbox offline).
## Detection
- Indicators of Compromise: Application crash (Classic Outlook).
- Detection methods and tools: Monitoring application event logs for repeated Outlook termination events when processing incoming mail items.
## References
- Vendor Advisories:
- [Microsoft is also investigating a known Outlook issue that causes mailbox folders to flicker and move around when moving items to the folders (Shared Mailbox Flicker)](https://support.microsoft.com/en-us/office/shared-mailbox-folders-flicker-and-move-around-when-trying-to-move-items-to-the-folders-2fa078b0-7d31-4536-a6e2-25a8f19a53ff)
- [Outlook LTSC 2019 crashes opening Viva Engage, Yammer, Power Automate, and other emails fix](https://support.microsoft.com/en-us/office/outlook-ltsc-2019-crashes-opening-viva-engage-yammer-power-automate-and-other-emails-ca49b0b3-8d42-4864-80df-df06069cc172)
- [Microsoft shares another temporary fix for crashes affecting classic Outlook when writing, replying to, or forwarding emails](https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashing-when-writing-emails/)
- [Microsoft fixes Office 365 apps crashing on Windows Server systems](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-office-365-apps-crashing-on-windows-server-systems/)
- Relevant links:
- [Microsoft shares temp fix for Outlook crashes when opening emails](https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workaround-for-classic-outlook-crashes/)