MS17-015: Description of the security update for Exchange Server 2016 and Exchange Server 2013: March 14, 2017

Applies to: Exchange Server 2016 Enterprise EditionExchange Server 2016 Standard EditionExchange Server 2013 Service Pack 1


This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Microsoft Exchange Server if an attacker sends an email that has a specially crafted attachment to a vulnerable Exchange server.

To learn more about the vulnerability, see Microsoft Security Bulletin MS17-015.

How to get and install the update

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base article 4013242.