Description of the security update for Microsoft Exchange: July 11, 2017

Applies to: Exchange Server 2013 Service Pack 1Exchange Server 2016 Enterprise EditionExchange Server 2016 Standard Edition


This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow elevation of privilege or spoofing in Microsoft Exchange Server if an attacker sends an email that has a specially crafted attachment to a vulnerable Exchange server. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-8621, CVE-2017-8559 and CVE-2017-8560.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: July 11, 2017.