Version 2.7.5 of the Outlook Plug-in Released

SugarCRM has released version 2.7.5 of the Sugar Plug-in for Microsoft Outlook.

At SugarCRM, we take seriously the security and the protection of your systems and data. Today, we are publicly announcing the availability of version 2.7.5 of the Sugar Plug-in for Microsoft Outlook which contains fixes for critical security vulnerabilities.

Review important information about this release, including details of fixed issues and this specific advisory, in the MS Outlook Plug-in Release Notes 2.7.5

We strongly recommend that all MS Outlook Plug-in users install this update at the earliest opportunity. While we have not experienced any reported incidents relating to this vulnerability to date, failure to install this update could leave you exposed to malicious third-party attacks.

To learn more about the Sugar Plug-in for Microsoft Outlook, please review the following guides:

If you have additional questions related to how your users are been affected, please open a case with our support team or ask your questions in the Enterprise & Sell group in SugarClub.


To ensure you are up-to-date on the latest information about Sugar Plug-in for Microsoft Outlook, please Subscribe to New Blog Posts in MS Office Plug-in Updates in SugarClub or visit Product Updates for additional product updates.

  • Hi  

    There's another conversation about this issue in Enterprise & Sell Answers & Best Practices. One of our Product Managers,  shared an update here:

    In our testing, we did not identify any issues with versions 2.7.4 or 2.7.5 (which released today - OPI 2.7.5 Release Notes) of OPI with 11.3. This looks to be something environmental or user specific where the URL used for authentication is incorrect. Version 2.7.5 adds some additional logging functionality that will hopefully tell us why this is happening and we will then figure out how to resolve it.

    If you can install OPI 2.7.5 and pass along the logs to us if you continue to have these issues, that would be very helpful in helping us track it down!

    You can click the button on the right side of that conversation page to be notified about updates to that conversation, or I invite you to share this comment there as well! 

    -Alex

  • Has the new version addressed the issue of the Outlook plug-in disconnecting? I understand that the OPI does not store the password by design due to it being a security risk. Instead, the credentials are used to acquire tokens, which when invalid will cause the OPI to prompt the user for the password. I am also aware that changes in IP or short durations for token expiry will cause this issue.
    We have users using SugarCRM globally who will often use a VPN connection. I would like to know if this latest version has addressed these issues before it is rolled out across the organisation. Appreciate your support, thank you!