This security update resolves vulnerabilities in Skype for Business and Microsoft Lync Server. The most severe of these vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-104.
The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information.