I have a little secret to share: I get a quiet delight out of seeing news of a security update for Lync/SfB. Don’t get me wrong, I certainly don’t enjoy reading of potential vulnerabilities in the product; what I do enjoy is knowing that each security update includes all of the fixes they’d coded into the product since the last ‘official’ update, and so my clients and I get the benefit of the fixes before they were otherwise going to see the light of day…
And so it is that we have an August update to the Lync 2013 / Skype for Business 2015 client:
Kb3055014: Description of the security update for Microsoft Lync 2013 (Skype for Business): August 11, 2015
“This security update resolves vulnerabilities in Microsoft Lync 2013. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded TrueType or OpenType fonts. To learn more about the vulnerabilities, see Microsoft Security Bulletin MS15-080”.
As if to spite me – perhaps as payback for my opening line – there are no documented fixes at this stage, beyond those of the security update itself.
kb3080519: Adds a policy setting from in-band provisioning to disable media traffic over IPv6 in Skype for Business or Lync 2013. (See my more detailed post here).
There are no known issues documented.
A few people have found their recent updates haven’t delivered as expected. Don’t forget *all* of the pre-req’s.
Dropped from this update is the previous requirement for Office 2013 SP1.
|Update for Office 2013 (KB3054853)
(NOTE 1 BELOW)
|1.0||9 June 2015|
|LyncHelpLoc (kb2889853)||1.0||13 April 2015|
|Microsoft Office 2013 Language Pack Service Pack 1 (KB2817427)||1.0||13 February 2014|
NOTE1: “You do not have to apply update KB3054853 if you applied the April 14, 2015, update (KB2889923) or the May 12, 2015, security update (KB3039779) for Lync 2013 (Skype for Business)”.
This is the client fix itself:
In my case, no. I recently updated to Windows 10 (in-place) and with all of the pre-req’s already in place I exited the client and ran the update. I was prompted to close Outlook – to which I complied – and the update completed with no need for a reboot.
Before / After
|SfB 15.0.4737.1000 MSO 15.0.4737.1001||SfB 15.0.4745.1000 MSO 15.0.4737.1001|
15th August. This is the initial post
16th October: Added the “what’s new: IPv6” kb.