Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Summary

This security update resolves a vulnerability in Skype for Business and Microsoft Lync. The vulnerability could allow information disclosure if an attacker invites a user to an instant message session and then sends that user a message that contains specially crafted JavaScript content. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-123.

More information about this security update

The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information.

  • 3101496 MS15-116 and MS15-123: Description of the security update for Lync 2013 (Skype for Business): November 10, 2015

  • 3096738 MS15-123: Description of the security update for Lync 2010 Attendee (admin level install): November 10, 2015

  • 3096736 MS15-123: Description of the security update for Lync 2010 Attendee (user level install): November 10, 2015

  • 3096735 MS15-123: Description of the security update for Lync 2010: November 10, 2015

  • 3085634 MS15-116 and MS15-123: Description of the security update for Skype for Business 2016: November 10, 2015


This security update also includes the following nonsecurity-related cumulative update:

  • 3108096 Skype for Business November 2015 cumulative update for Crestron RL, Polycom CX8000, and SMART Room System (KB3108096)


Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2013 (Skype for Business), Microsoft Lync Basic 2013 (Skype for Business Basic), Skype for Business 2016, and Skype for Business Basic 2016Reference table

The following table contains the security update information for this software.

Security update file name

For Microsoft Lync 2010 (32-bit) (3096735):
lync.msp


For Microsoft Lync 2010 (64-bit) (3096735):
lync.msp

For Microsoft Lync 2010 Attendee (user level install) (3096736):
AttendeeUser.msp


For Microsoft Lync 2010 Attendee (admin level install) (3096738):
AttendeeAdmin.msp


For all supported 32-bit editions of Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic):
lync2013-kb3101496-fullfile-x86-glb.exe


For all supported 64-bit editions of Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic):
lync2013-kb3101496-fullfile-x64-glb.exe


For all supported 32-bit editions of Skype for Business 2016 and Skype for Business Basic 2016:
lync2016-kb3085634-fullfile-x86-glb.exe


For all supported 64-bit editions of Skype for Business Basic 2016:
lync2016-kb3085634-fullfile-x64-glb.exe

Installation switches

See Microsoft Knowledge Base Article 912203

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.

To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.

Removal information

Use Add or Remove Programs item in Control Panel.

File information

For all supported editions of Microsoft Lync 2010:
See Microsoft Knowledge Base Article 3096735


For Microsoft Lync 2010 Attendee (user level install):
See Microsoft Knowledge Base Article 3096736


For Microsoft Lync 2010 Attendee (admin level install):
See Microsoft Knowledge Base Article 3096738


For Microsoft Link 2013 (Skype for Business) and Microsoft Link Basic 2013 (Skype for Business Basic):
See Microsoft Knowledge Base Article 3101496


For Skype for Business 2016 and Skype for Business Basic 2016:
See Microsoft Knowledge Base Article 3085634

Registry key verification

For Microsoft Lync 2010 (32-bit):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}
Version = 7577.4484


For Microsoft Lync 2010 (64-bit):
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}
Version = 7577.4484


For Microsoft Lync 2010 Attendee (admin level install):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\94E53390F8C13794999249B19E6CFE33\InstallProperties\DisplayVersion = 4.0.7577.4484


For Microsoft Lync 2010 Attendee (user level install):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EEB34F6-991D-4a1b-8EEB-772DA0EADB22}
Version = 7577.4484


For Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic):
Not applicable


For Skype for Business 2016 and Skype for Business Basic 2016:
Not applicable

Microsoft Lync Room SystemReference table

The following table contains the security update information for this software.

Security update file name

For SMART Room System (3108096):
SMARTLyncRoomUpdates.exe


For Crestron RL (3108096):
CrestronLyncRoomUpdates.exe

Installation switches

See Microsoft Knowledge Base Article 912203

Restart requirement

A system restart is required after you apply this security update.

Removal Information

The updates are removable only by performing a factory reset.

File information

For SMART Room System:
See Microsoft Knowledge Base Article 3108096


For Crestron RL:
See Microsoft Knowledge Base Article 3108096

Registry key verification

For SMART Room System:
Not applicable


For Crestron RL:
Not applicable


File name

SHA1 hash

SHA256 hash

AttendeeAdmin.msp

A22099CBD39776DA7EE5684D2F8C1660FB71E2C8

2852B9E5685E4BF22DFC875CE5AF80D5BE4CA1CD0BC3BD34B5A66A19B92043BF

AttendeeUser.msp

5B1D73552142D8E10833ED251C85324499E54CA3

55E3687D1028AF83DF008D8671C762BCBEA4418B3AC0722CDA1FCAF0A7018897

CrestronLyncRoomUpdates.exe

BC5D328BD296212DE2063356204C7CC82F820A5A

AE2F0F4FD263B03B8F79DBA587F0FB30F9D1C4D366D1FA071E99C2AA613550BA

Lync.msp (For x64-based versions)

33B66E65C61662E3E51F3504C06ED49AF7B76CE6

8C4850E9C71325DD71BE0CDB040B09BB8C10917030CE96DC8DE8BE02F30FC5E4

Lync.msp (For x86-based versions)

F06A8F8AC4FD53B4424305A164F9A0C716409DAC

63559FF9BF347E32A84B554F668558AD8DD0C68853308EE7D52B61C16FD03DB4

SMARTLyncRoomUpdates.exe

A6771BDA5FF97181AF29B64F7D14E94E7E4D7573

B2B3294B113933AB52C3681829DB97276B6DD0D7AA7F20BA184EBAC88EF56E97

lync2013-kb3101496-fullfile-x64-glb.exe

3B4187E79E318E93BA3189C11E86D4570623E920

08677AD12DB42DE94893FB849B18EE450A95F521F110719C74DD96322EB41173

lync2013-kb3101496-fullfile-x86-glb.exe

321B98C24C9AF6816AA81E3515588988D82DE568

7A8EC9A03AF6A503C26641CFEF6AF8BB9D3856D457CA8CC86A4FB55A3591BD01

lync2016-kb3085634-fullfile-x64-glb.exe

6741FDEB39D6B2C65F1F7B950A07C5C701398109

27A9C34B9F0EF74599DB460182954AC67A12D36906D0F4C0BD686542EFB9992F

lync2016-kb3085634-fullfile-x86-glb.exe

01CFA248C92C3C4E8B0D6CE30CBC6B723EEE0D5E

611D1E65FEAB3DC9C8CC68B9CCA4E0D93E5BBA1CEC5D705592C343F06EE1F9FB


Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×