Summary
Microsoft Lync Server 2013 provides minimal support for HTTP clients that incorrectly connect to a SIP listening port because the Lync Server uses port 443 for client connections in the service topologies. After you apply this update, the Lync Server will include a Strict-Transport-Security header in the path where it returns any HTTP response and the underlying connection is TLS.
Note HTTP Strict Transport Security (HSTS) is an Internet Engineering Task Force (IETF) standard-compliant security feature in the header to help users connect to secure sites in a secure way, and prevent some attacks.
How to get this update
To get this update, install the July 2018 cumulative update 5.0.8308.1001 for Lync Server 2013, Front End Server and Edge Server.