This week’s security update takes the Office 2013-based Lync/SfB client from 15.0.4763.1001 to 15.0.4771.1001.
Kb3101496: “MS15-116 and MS15-123: Description of the security update for Lync 2013 (Skype for Business): November 10, 2015
This security update resolves vulnerabilities in Microsoft Lync 2013 and Skype for Business. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts. Or, these vulnerabilities could allow information disclosure if an attacker invites a user to an instant message session and then sends that user a message that contains specially crafted JavaScript content.
To learn more about the vulnerabilities, see Microsoft Security Bulletin MS15-116 and Microsoft Security Bulletin MS15-123.
Note After you apply this security update, you may see a popup window that states that a website wants to open web content in protected mode in Internet Explorer. See Updates to change the way that Internet Explorer interacts with features in Microsoft Office applications for more information.”
What’s Fixed
This security update fixes the following non-security-related issues:
- Kb3085626 Sent emoticons are displayed differently in instant messages between Lync 2010 or 2013 and Skype for Business clients
- Kb3085629 Large conversations in Lync 2013 (Skype for Business) are lost in the Conversation History folder in Outlook
- Kb3085630 Skype for Business client crashes when you search for a contact in the Skype Directory tab
- Kb3085631 No phone numbers are displayed for a user whose photo is disabled in the contact list in Lync 2013 (Skype for Business)
- Kb3085632 The Current Conversations option is missing when you do a consultative transfer in Lync 2013
- Kb3085633 Call button is unavailable (grayed out) for a meeting organizer in Lync 2013 (Skype for Business)
- Kb3087562 Registry key isn’t honored when you customize the title name of user interface in Skype for Business
- Kb3101307 Lync 2013 (Skype for Business) users can’t save meeting contents to a redirected folder that’s in Offline mode
What’s New / Changed
Nothing known yet.
Known Issues
None documented.
Pre-Req’s
A few people have found their recent updates haven’t delivered as expected. Don’t forget *all* of the pre-req’s. The Office 2013 SP1 requirement still applies if you’re using Office 2010. (Lync 2013 in all of its flavours – e.g. Lync Basic – is still a component of Office 2013).
Update |
Download |
Current Version |
Released |
| Office 2013 SP1 (KB2817430) (NOTE 1 BELOW) | 1.0 | 18 February 2014 | |
| Update for Office 2013 (KB3054853) (NOTE 2 BELOW) | 1.0 | 9 June 2015 | |
| LyncHelpLoc (kb2889853) | 1.0 | 13 April 2015 | |
| Microsoft Office 2013 Language Pack Service Pack 1 (KB2817427) | 1.0 | 13 February 2014 |
NOTE1: “Before you install this update, you must install Microsoft Office 2013 Service Pack 1 (KB2817430)”.
NOTE2: “You do not have to apply update KB3054853 if you applied the April 14, 2015, update (KB2889923) or the May 12, 2015, security update (KB3039779) for Lync 2013 (Skype for Business)”.
Download
This is the client fix itself:
Reboot
I have all the pre-req’s already installed, so a reboot was not required. The further behind your current client version is, the greater the likelihood you’ll need to reboot. Note that I installed the update having exited Lync & Outlook first.
Before / After
Before |
After |
| SfB 15.0.4763.1001 MSO 15.0.4763.1000 | SfB 15.0.4771.1001 MSO 15.0.4763.1000 |
 |
 |
Revision History
15th November 2015: This is the initial post
– G.
You might want to update the know issues:
http://itbasedtelco.wordpress.com/2015/12/02/nov2015-client-update-issue-no-missed-call-notifications/
https://itbasedtelco.wordpress.com/2015/11/17/nov2015-security-update-branding-issues/