Overview

On April 10, 2025, Microsoft released an emergency update, KB5002623, to address critical crashes affecting Office 2016 applications, including Word, Excel, and Outlook. These issues emerged following the deployment of the KB5002700 security update on April 8, 2025, which inadvertently caused these applications to become unresponsive or crash upon launch.

Background

The KB5002700 update was intended to resolve multiple security vulnerabilities within Office 2016, such as remote code execution and elevation of privilege vulnerabilities. However, post-installation, users began reporting significant stability issues:

  • Word 2016: Crashing immediately upon opening.
  • Excel 2016: Freezing when accessing the 'Insert' tab.
  • Outlook 2016: Becoming unresponsive when navigating to the calendar view.

These problems were particularly prevalent in installations utilizing the Microsoft Installer (MSI) version of Office 2016.

Technical Details

The KB5002700 update addressed several security vulnerabilities, including:

  • CVE-2025-29791: Microsoft Office remote code execution vulnerability.
  • CVE-2025-29792: Microsoft Office elevation of privilege vulnerability.
  • CVE-2025-29816: Microsoft Word security feature bypass vulnerability.
  • CVE-2025-27745: Microsoft Excel remote code execution vulnerability.

Despite these security enhancements, the update inadvertently introduced stability issues, leading to application crashes.

Resolution

In response to user reports, Microsoft expedited the release of KB5002623 on April 10, 2025. This update specifically targets the stability issues introduced by KB5002700. To fully restore functionality, Microsoft advises users to ensure both updates are installed:

  1. KB5002700: Addresses security vulnerabilities.
  2. KB5002623: Resolves the application crashes caused by KB5002700.

Users can download KB5002623 directly from the Microsoft Download Center.

Implications and Impact

The rapid deployment of KB5002623 underscores Microsoft's commitment to maintaining software integrity and user trust. However, this incident highlights the challenges inherent in software updates, where security enhancements can sometimes lead to unintended functionality issues. Organizations relying on Office 2016 should promptly apply both updates to ensure both security and stability.

Conclusion

While the KB5002700 update aimed to bolster Office 2016's security posture, it inadvertently introduced critical stability issues. Microsoft's swift release of KB5002623 demonstrates a proactive approach to resolving such challenges. Users are encouraged to install both updates to maintain optimal performance and security.