Microsoft, a day ago, released a workaround for an Outlook issue that was preventing users from opening URLs when a hyperlink in an email was clicked on. Error messages like "Something unexpected went wrong with this URL" would pop up, as well as "Microsoft Office has identified a potential security concern. This location may be unsafe".
The company already had confirmed it was a result of the recent security hardening for Office 2013 and Office 2016 under KB5002427 and KB5002432. On its health dashboard today, alongside highlighting a video codec issue on Windows, the company has published details about this problem too. It writes:
When clicking on links in emails in Microsoft Outlook, you might receive an error message with the text “Something unexpected went wrong with this URL”. Opening links in emails on Microsoft Outlook may also display an error stating "Microsoft Office has identified a potential security concern. This location may be unsafe."
As a result of Microsoft Office security hardening changes, hyperlinks which contain fully-qualified domain name (FQDN) or IP address will display this message. This is due to protections released July 11, 2023.
Please note: This behavior is caused by a protection update in Outlook released July 11, 2023. It is not caused by Windows Updates.
Resolution: These messages are displayed as part of recent Office security changes. Details can be seen in KB article Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023.
In order to ensure continued access to files on FQDN or IP address paths, add those URLs to the Trusted Sites zone in accordance with Windows guidance. An Intranet site is identified as an Internet site when you use an FQDN or an IP address. This can be accomplished with the following steps:
- Open the "Internet Properties" settings. This can be done in one of the following ways:
- Open "Control Panel" from the start menu and select "Internet Options" under "Network and Internet"
- On your keyboard, press and hold the Windows key, then press the letter S. In the search dialog that appears, type "Internet Properties" and select the first result.
- Click the Security tab, then select Trusted Sites.
- Under "Add this website to the zone", add the URL, UNC, FQDN path that you want to allow. For example, add: file://server.usa.corp.com
Note: If the entry you wish to add does not explicitly start with ‘https:’, you must first uncheck the ‘Require server verification (https) for all sites in this zone’ checkbox before it can be saved.
This workaround can also be deployed via group policy. See policy: \\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List on the Group Policy Search site.
You can find more details about the security vulnerabilities the updates address on Microsoft's website.