CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Windows 11 Update KB5074109 Causes Outlook Freezes for POP Users

First reported
Last updated
1 unique sources, 3 articles

Summary

Hide ▲

Microsoft has released emergency out-of-band updates on January 25, 2026, to address an issue causing Microsoft Outlook to freeze for users with POP email accounts. The problem, which affects users of Windows 11 25H2 and 24H2, Windows 10, and multiple Windows Server platforms, occurs when PST files are stored in cloud storage like OneDrive or Dropbox. The issue prevents Outlook from exiting properly and restarting after being closed. Users can temporarily resolve the issue by uninstalling the KB5074109 update or accessing their email accounts via webmail or moving their Outlook PST files out of OneDrive. The out-of-band updates include fixes for other issues, such as access to Microsoft 365 Cloud PC sessions and Secure Launch bugs.

Timeline

  1. 25.01.2026 03:59 1 articles · 23h ago

    Microsoft releases emergency OOB updates to fix Outlook freezes

    Microsoft released emergency out-of-band updates on January 25, 2026, to address the Outlook freezing issue. The updates fix the problem of Outlook becoming unresponsive when PST files are stored in cloud storage like OneDrive or Dropbox. The affected Outlook configurations primarily involve classic Outlook, commonly tied to enterprise licensing. The out-of-band updates also include fixes for other issues, such as access to Microsoft 365 Cloud PC sessions and Secure Launch bugs.

    Show sources
    Open in new tab
  2. 16.01.2026 14:12 3 articles · 9d ago

    Windows 11 Update KB5074109 Causes Outlook Freezes for POP Users

    Microsoft is investigating reports that the January Windows 11 security update KB5074109 causes the classic Outlook desktop client to freeze and hang for users with POP email accounts. The issue affects users who have installed the update on Windows 11 25H2 and 24H2, preventing Outlook from exiting properly and restarting after being closed. The problem also impacts Windows 10 users and multiple Windows Server platforms, including Windows Server 2025, Windows Server 2022, and Windows Server 2019. Users can temporarily resolve the issue by uninstalling the KB5074109 update or accessing their email accounts via webmail or moving their Outlook PST files out of OneDrive.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Microsoft January 2026 Patch Tuesday Addresses 3 Zero-Days, 114 Flaws

Microsoft's January 2026 Patch Tuesday addresses 114 vulnerabilities, including three zero-days: one actively exploited (CVE-2026-20805) and two publicly disclosed (CVE-2026-21265 and CVE-2023-31096). The updates cover a range of flaw types, with eight classified as 'Critical,' including remote code execution and elevation-of-privilege vulnerabilities. CVE-2026-20805 is an information disclosure vulnerability in the Desktop Window Manager that leaks sensitive memory details, allowing attackers to weaken system protections. CVE-2026-21265 affects nearly every Windows bootloader since Windows 8, with certificates set to expire in June and October 2026. CVE-2023-31096 is an elevation of privilege (EoP) in the Agere Modem driver, and Microsoft has removed agrsm64.sys and agrsm.sys from Windows. Microsoft has started automatically replacing expiring Secure Boot certificates on eligible Windows 11 24H2 and 25H2 systems to prevent potential security issues. Additionally, two critical Microsoft Office remote code execution bugs (CVE-2026-20952 and CVE-2026-20953) were patched, which can be triggered by viewing a booby-trapped message in the Preview Pane. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-20805 to its Known Exploited Vulnerabilities (KEV) catalog, mandating Federal Civilian Executive Branch (FCEB) agencies to apply the latest fixes by February 3, 2026. CVE-2026-20876 is a critical-rated privilege escalation flaw in Windows Virtualization-Based Security (VBS) Enclave, enabling an attacker to obtain Virtual Trust Level 2 (VTL2) privileges.

Open in new tab

Microsoft Outlook Classic Bug Prevents Opening Encrypted Emails

A bug in Microsoft Outlook Classic prevents users from opening encrypted emails with 'Encrypt Only' permissions after a recent update. The issue affects recipients who try to open these emails, displaying an error message and an inaccessible attachment instead of readable content. Microsoft is investigating the problem and has provided temporary workarounds while a permanent fix is in development.

Open in new tab

Windows Updates Cause RemoteApp Connection Failures in Azure Virtual Desktop

Recent Windows updates, including the November 2025 KB5070311 non-security update and a recent Windows 365 update, are causing RemoteApp connection failures in Azure Virtual Desktop environments on Windows 11 24H2/25H2 and Windows Server 2025 devices. This issue primarily affects enterprise users, leaving full desktop sessions unaffected. The incident began on Tuesday at 19:00 UTC, with users experiencing sign-in failures and intermittent access issues to their Cloud PCs. Microsoft has provided temporary mitigations, including a registry key modification, a Known Issue Rollback (KIR) for Windows Pro and Enterprise devices, and workarounds such as accessing Cloud PCs through the Windows App Web Client or using the Remote Desktop client for Windows. Microsoft is working on a permanent fix but has not provided a timeline.

Open in new tab

Microsoft December 2025 Updates Break Message Queuing Functionality

Microsoft's December 2025 security updates caused Message Queuing (MSMQ) failures across Windows 10 22H2, Windows Server 2019, and Windows Server 2016 systems. The issue arose from security model changes that modified permissions on a critical system folder, leading to errors in MSMQ queues and IIS sites. Affected systems experienced inactive queues, resource errors, and application failures. Microsoft has released an out-of-band update (KB5074976) via Update Catalog to address the issue. The company initially advised enterprise customers to contact support for a temporary workaround, and the update is now available for download.

Open in new tab

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 183 flaws

Microsoft's October 2025 Patch Tuesday marks the end of free security updates for Windows 10, with the release of the final cumulative update KB5066791. This update addresses 183 vulnerabilities, including six zero-day flaws, and is mandatory for all Windows 10 users. Extended Security Updates (ESU) are available for purchase for up to three years for enterprise users and one year for consumers. The patches cover a range of vulnerabilities, including critical remote code execution and elevation of privilege issues. The zero-day vulnerabilities affect various components, such as Windows SMB Server, Microsoft SQL Server, Windows Agere Modem Driver, Windows Remote Access Connection Manager, AMD EPYC processors, and TCG TPM 2.0. Some of these flaws have been publicly disclosed or actively exploited. The update also includes fixes for vulnerabilities in third-party components, such as IGEL OS and AMD EPYC processors. Additionally, Microsoft Office users should be aware of CVE-2025-59227 and CVE-2025-59234, which exploit the Preview Pane. The update is the largest on record for Microsoft, with 183 CVEs, pushing the number of unique vulnerabilities released so far this year to more than 1,021. The update includes fixes for a wide range of vulnerabilities, including remote code execution (RCE), elevation of privilege, data theft, denial of service (DoS), and security feature bypass issues. The update also marks the end of life for Windows 10, meaning Microsoft will no longer issue regular patches for vulnerabilities in the operating system as part of its regular Patch Tuesday updates. Exchange Server 2016, Exchange Server 2019, Skype for Business 2016, Windows 11 IoT Enterprise Version 22H2, and Outlook 2016 are also reaching end-of-life. Windows 10 users can opt for Extended Security Updates (ESU) for one year at a cost of $30, or install Linux as an alternative. Linux Mint is recommended for Windows 10 users transitioning to Linux, with compatibility for most computers from the last decade. The October 2025 Windows security updates cause smart card authentication and certificate issues across all Windows 10, Windows 11, and Windows Server releases. The issue is due to a security fix designed to address a security feature bypass vulnerability (CVE-2024-30098) in the Windows Cryptographic Services. Affected users may experience various symptoms, including the inability to sign documents, failures in applications using certificate-based authentication, and smart cards not being recognized as CSP providers in 32-bit apps. The issue can be detected by the presence of Event ID 624 in the System event logs for the Smart Card Service prior to installing the October 2025 Windows security update. The fix is enabled by setting the DisableCapiOverrideForRSA registry key value to 1 to isolate cryptographic operations from the Smart Card implementation. Users experiencing authentication problems can manually resolve the issue by disabling the DisableCapiOverrideForRSA registry key. The DisableCapiOverrideForRSA registry key will be removed in April 2026, and users are advised to work with their application vendors to resolve the underlying problem. Microsoft also fixed another known issue breaking IIS websites and HTTP/2 localhost (127.0.0.1) connections after installing recent Windows security updates. Microsoft has released out-of-band (OOB) security updates for a critical-severity Windows Server Update Service (WSUS) vulnerability (CVE-2025-59287) with publicly available proof-of-concept exploit code. The vulnerability can be exploited remotely in low-complexity attacks that do not require user interaction, allowing threat actors without privileges to target vulnerable systems and run malicious code with SYSTEM privileges. Microsoft has released security updates for all impacted Windows Server versions, including Windows Server 2025, Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, and Windows Server 2012. Workarounds for admins who can't immediately install these emergency patches include disabling the WSUS Server Role or blocking all inbound traffic to Ports 8530 and 8531 on the host firewall. The OOB update supersedes all previous updates for affected versions, and users are advised to install it as soon as possible. A new Windows zero-day vulnerability allows attackers to crash the Remote Access Connection Manager (RasMan) service. The RasMan service is a critical Windows system service that runs with SYSTEM-level privileges. The zero-day flaw is a denial-of-service (DoS) vulnerability that affects all Windows versions, including Windows 7 through Windows 11 and Windows Server 2008 R2 through Server 2025. The flaw allows unprivileged users to crash the RasMan service due to a coding error in how it processes circular linked lists. ACROS Security provides free, unofficial security patches for this Windows RasMan zero-day via its 0patch micropatching service. The micropatch can be installed by creating an account and installing the 0Patch agent, which applies the patch automatically without requiring a restart.

Open in new tab