Microsoft has released an important security update for Exchange Server 2013. The bulletin MS15-064 states:
This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow elevation of privilege if an authenticated user clicks a link to a specially crafted webpage. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message.
The update is available for Exchange Server 2013 SP1 (CU4) and CU8. The update will also be included in CU9 and all future cumulative updates.
- Security update for Exchange Server 2013 CU8 (KB3062157)
- Security update for Exchange Server 2013 SP1 (KB3062157)
This article MS15-064 – Important Security Update for Exchange Server 2013 is © 2015 ExchangeServerPro.com
Get more Exchange Server tips at ExchangeServerPro.com
