This security update resolves vulnerabilities in Microsoft Lync 2013 and Skype for Business that could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-097.
For a complete list of affected software, see Microsoft Knowledge Base article 3177393.
More information about this security update
How to get and install the update
Method 1: Microsoft Update
This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the "Turn on automatic updating in Control Panel" section of this Safety & Security Center article.
Method 2: Microsoft Update CatalogTo get the stand-alone package for this update, go to the Microsoft Update Catalog website.
Method 3: Microsoft Download CenterYou can get the stand-alone update package through the Microsoft Download Center. To install the update, follow the installation instructions on the download page.
- After you apply this update, Lync 2013 will be upgraded to Skype for Business. Learn about the new experience in Skype for Business.
- You can still use the Lync client user interface after you apply this update for Lync 2013 (Skype for Business).
- You can get general information about how to switch between the Skype for Business and Lync client user interfaces for Microsoft Office 365 users and Lync Server 2013 users.