MS16-079: Description of the security update for Exchange Server 2016 and Exchange Server 2013: June 14, 2016

Summary

This security update resolves a vulnerability in Microsoft Exchange Server that could allow information disclosure if an attacker sends a specially crafted image URL in an Outlook Web Access (OWA) message that would be loaded, without warning or filtering, from the attacker-controlled URL. This security update also resolves a vulnerability that could allow an Elevation of Privilege in Oracle products installed on a Microsoft Exchange Server. 

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-079.

How to get and install the update

Method 1: Microsoft Update
Method 2: Microsoft Download Center

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base article KB3160339.

Security update replacement information

This security update replaces previously released security update KB3124557.
File hash information
File information ERROR: PhantomJS timeout occurred