Full Report
Microsoft has fixed a known issue that broke email and calendar drag-and-drop in classic Outlook after installing recent updates on Windows 24H2 systems. [...]
Analysis Summary
# Vulnerability: Microsoft Outlook Drag-and-Drop Functionality Broken by Windows Update
## CVE Details
- CVE ID: Not Applicable (This is a functionality regression/bug, not a remote security vulnerability described with a CVE)
- CVSS Score: Not Applicable
- CWE: Not Applicable
## Affected Systems
- Products: Microsoft Outlook
- Versions: Affected by recent Windows updates (Specific versions not detailed, but related to Windows 11 24H2 updates).
- Configurations: Unspecified, seems to be caused by a configuration or interaction issue following a Windows update.
## Vulnerability Description
Recent Windows updates introduced a functional regression that broke the drag-and-drop capability within Microsoft Outlook. The issue appears to be an interaction problem between the operating system updates and the behavior of the Outlook application.
## Exploitation
- Status: Not applicable (This is a functional bug, not a security exploit).
- Complexity: Not applicable.
- Attack Vector: Not applicable.
## Impact
- Confidentiality: None (Functional issue)
- Integrity: None (Functional issue)
- Availability: Minor Impact (Functionality degradation/interruption for users relying on drag-and-drop).
## Remediation
### Patches
- **KB5052093:** A preview cumulative update for Windows 11 24H2 released this Tuesday is confirmed to fix this known issue. This fix will likely be generally rolled out during the next month's Patch Tuesday cycle.
### Workarounds
Users who cannot immediately install the preview update can use the following steps to restore drag-and-drop functionality:
1. Select the **File** tab in Outlook, then select **Options**.
2. Under **User interface options** on the **General** tab, select the "**Optimize for best appearance**" option (Disabling the "Optimize for compatibility" setting).
## Detection
- **Indicators of Compromise:** Users attempting to drag and drop items (emails, attachments, etc.) within Outlook observe no action or failure of the operation.
- **Detection methods and tools:** Monitoring pending/installed Windows updates and Outlook behavior post-update deployment.
## References
- Vendor Advisories: Information regarding the fix is present in the update notes for Windows 11 24H2 KB5052093 preview update.
- Relevant links - defanged:
- bleepingcomputer dot com/news/microsoft/microsoft-fixes-outlook-drag-and-drop-broken-by-windows-updates/