MS16-120: Description of the security update for Lync 2013 (Skype for Business): October 11, 2016

Applies to: Skype for Business 2015Microsoft Lync 2013


This security update resolves vulnerabilities in Microsoft Lync 2013 and Skype for Business. The vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.

To learn more about the vulnerabilities, see Microsoft Security Bulletin MS16-120.

For a complete list of affected software, see Microsoft Knowledge Base article 3192884.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the "Turn on automatic updating in Control Panel" section of this Safety & Security Center article.

Method 2: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. To install the update, follow the installation instructions on the download page.


More Information

Update deployment information

For deployment information about this update, see Microsoft Knowledge Base article 3192884.


To install this security update, you must first have the following updates installed.

Update replacement information

This security update replaces previously released security update 3115431.