It’s been a month since our last update to the Office 2013-based Lync/SfB client took us to 15.0.4953.1000. Today, a security update takes us to 15.0.4963.1000.
Kb 4011107: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-8676, Microsoft Common Vulnerabilities and Exposures CVE-2017-8695, and Microsoft Common Vulnerabilities and Exposures CVE-2017-8696.
Two other items are addressed in this update:
- Kb 4039811 Doesn’t display a dialog box to join a meeting through a web browser if Skype for Business 2015 sign-in fails
- Translate some terms in multiple languages to make sure that the meaning is accurate.
What’s New / Changed
It’s been a big year for pre-req updates, but if you’re current then you’re OK today.
If however your patching isn’t to current you’ll need to check you have *all* of these pre-req’s. The Office 2013 SP1 requirement still applies if you’re using Outlook 2010. (Lync 2013 in all of its flavours – e.g. Lync Basic – is still a component of Office 2013).
|Update for Office 2013 (KB3054853) (NOTE 1 BELOW)||1.0||9 June 2015|
|LyncHelpLoc (kb3191937)||1.0||22 May 2017|
|Microsoft Office 2013 Language Pack Service Pack 1 (KB2817427)||1.0||13 February 2014|
NOTE1: “You do not have to apply update KB3054853 if you applied the April 14, 2015, update (KB2889923) or the May 12, 2015, security update (KB3039779) for Lync 2013 (Skype for Business)”
This is the client fix itself:
I have all the pre-req’s already installed, had exited the client before we started & was not prompted for a reboot.
Before / After
|SfB 15.0.4953.1000 MSO 15.0.4719.1000||SfB 15.0.4963.1000 MSO 15.0.4719.1000|
16th September 2017: This is the initial post.