December 2015 Security update for Lync 2013

A new update for both Lync 2013 and Skype for Business client has been posted. It contains both a critical security fix, some non-security fixes and even some improvements:

Security fix = Microsoft Security Bulletin MS15-128

This security update resolves vulnerabilities in Microsoft Windows, .NET Framework, Microsoft Office, Skype for Business, Microsoft Lync, and Silverlight. The vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.

This security update is rated Critical for:

  • All supported releases of Microsoft Windows
  • Affected versions of Microsoft .NET Framework on all supported releases of Microsoft Windows
  • Affected editions of Skype for Business 2016, Microsoft Lync 2013, and Microsoft Lync 2010
  • Affected editions of Microsoft Office 2007 and Microsoft Office 2010

Not security related fixes and improvements:

  • Adds Cloud-based Discovery
  • Uses SSO to autodetect SIP address and start sign in
  • When you are in a public switched telephone network (PSTN) call, and you open a Conversation Window Extension (CWE), the call option controls are covered by the CWE without any way to access the controls without closing the CWE
  • Lync client doesn’t show all the fonts if the computer has more than 1,000 fonts
  • KB3115883 “You need to install additional updates” error message when you try to start Lync 2013
  • KB3112863 Lync 2013 (Skype for Business) sends corporate error reporting (CER) data after every PC-to-PC and conference call
  • KB3112864 Media setup may fail and all media diagnostics information is missing in Lync 2013 (Skype for Business)
  • KB3114326 A hyperlink that is copied from Internet Explorer can’t be pasted into Lync 2013 (Skype for Business)
  • KB3114325 Response Group Service group member notification is displayed frequently in Lync 2013 (Skype for Business)KB3112796 Adds a new GPO to control which proxy setting is used when both PAC and manual proxy are used in Skype for Business
  • KB3101548 Attendees can’t see the shared desktop when they join an online meeting as anonymous users in Lync 2013

    More info: MS15-128: Description of the security update for Lync 2013 (Skype for Business): December 8, 2015

from Skype for Business News Aggregator via IFTTT


Leave a Reply

Your email address will not be published. Required fields are marked *