MS16-108: Description of the security update for Exchange Server 2016 and 2013: September 13, 2016

Applies to: Exchange Server 2016 Enterprise EditionExchange Server 2016 Standard EditionExchange Server 2013 Service Pack 1 More

Summary


This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In Libraries that are built into Exchange Server. This issue might occur if an attacker sends an email message with a specially crafted attachment to a vulnerable Exchange Server. To learn more about this vulnerability, see Microsoft Security Bulletin MS16-108.

How to get and install this update


Method 1: Microsoft Update

This update is available through Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Turn on automatic updating in Control Panel.

Method 2: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-108 that corresponds to the version of Windows that you are running.

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base Article 3185883 .