Microsoft has published an Important security bulletin (MS13-041) detailing a “Vulnerability in Lync [That] Could Allow Remote Code Execution (2834695)”.
The bulletin is HERE.
- Communicator 2007 R2 (3.5.6907.268)
- Lync 2010 (4.0.7577.4388)
- Lync 2010 Attendee (4.0.7577.4388)
- Lync Server 2013
I’ve also placed the download links on the respective Lync Resource Toolkit pages (at the very top of the right-hand menus).
Lync Server 2013
Importantly, the bulletin uses some rather strong wording to indicate you need to install this AFTER the February update (aka CU1):
“You have to make sure that the latest cumulative update is installed before you apply the security update.”
I thought you might like to see what it’s going to update.