This security update resolves vulnerabilities in Skype for Business and Microsoft Lync Server. The most severe of these vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-104.
The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information.
Article ID: 3089952 - Last Review: Sep 18, 2015 - Revision: 1
Skype for Business Server 2015, Microsoft Lync Server 2013