MS15-104 - Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege

Bulletin ID: 

MS15-104

Severity: 

Important

Description: 

Severity Rating: Important
Revision Note: V1.1 (September 11, 2015): Bulletin revised to update the prerequisite detail in the Update FAQ section. This is an informational change only. Customers who have already successfully installed the updates do not need to take any action.
Summary: This security update resolves vulnerabilities in Skype for Business Server and Microsoft Lync Server. The most severe of these vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL.

Security advisory: 

Related content