Lync 2013 / SfB 2015 Client Security Update – September 2015

Posted by on

This month we have another security update – and this time it includes some fixes and new/changed functionality!

Kb3085500: MS15-097: Description of the security update for Microsoft Lync 2013 (Skype for Business): September 8, 2015:

“This security update resolves vulnerabilities in Microsoft Lync 2013. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts. To learn more about the vulnerabilities, see Microsoft Security Bulletin MS15-097.”

What’s Fixed?

  • Kb3088665 Adds an AllowSavePassword Group Policy setting to remove the Save Password check box in Skype for Business or Lync 2013
  • Kb3088668 Non-ASCII characters are removed from search box in Skype for Business or Lync 2013
  • Kb3088667 “c0000005” error occurs and Skype for Business or Lync 2013 crashes when you upload a file to a persistent chat room
  • Kb3088669 Your phone numbers disappear when you expand a distribution group in contact list in Skype for Business or Lync 2013
  • Kb3088664 The “Copy” and “Select All” options are disabled for the first instant message in Skype for Business or Lync 2013
  • Kb3088660 Skype for Business or Lync 2013 SDK provides the same window handle value for different PSTN conversation windows
  • Kb3088671 The updated address book can’t be downloaded in Skype for Business or Lync 2013
  • Kb3088670 Call transfer doesn’t transfer a call to the contact that you select in Skype for Business or Lync 2013

What’s New?

  • Kb3088666 Update changes the text label from “Skype call” to “Skype for Business call” in Skype for Business or Lync 2013

Before

After
Sept2015ClientSecurityUpdate-SkypeCall-Before2 Sept2015ClientSecurityUpdate-SfBCall-After2

(I’ve only captured one appearance, but you’ll find this change has been made throughout the client).

Continue reading ‘Lync 2013 / SfB 2015 Client Security Update – September 2015’ »

Lync 2010 Client Security Update – August 2015

Posted by on

Being two releases behind, Lync 2010 doesn’t get much of a look-in around here these days, but I shouldn’t neglect referencing the latest Security Update:

Kb3075593: MS15-080: Description of the security update for Lync 2010: August 11, 2015 “This security update resolves vulnerabilities in Microsoft Lync 2010. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded TrueType or OpenType fonts. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-080”.

This update takes the Lync 2010 client to 4.0.7577.4476.

Download

This is the client fix itself:

  • x86 (Lync.msp)
  • x64 (Lync.msp)

This is the updated version of the Lync 2010 Attendee software:

 

– G.

Lync 2013 / SfB 2015 Client Security Update – August 2015

Posted by on

I have a little secret to share: I get a quiet delight out of seeing news of a security update for Lync/SfB. Don’t get me wrong, I certainly don’t enjoy reading of potential vulnerabilities in the product; what I do enjoy is knowing that each security update includes all of the fixes they’d coded into the product since the last ‘official’ update, and so my clients and I get the benefit of the fixes before they were otherwise going to see the light of day…

And so it is that we have an August update to the Lync 2013 / Skype for Business 2015 client:

Kb3055014: Description of the security update for Microsoft Lync 2013 (Skype for Business): August 11, 2015

“This security update resolves vulnerabilities in Microsoft Lync 2013. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded TrueType or OpenType fonts. To learn more about the vulnerabilities, see Microsoft Security Bulletin MS15-080”.

What’s Fixed?

As if to spite me – perhaps as payback for my opening line – there are no documented fixes at this stage, beyond those of the security update itself.

What’s New?

kb3080519: Adds a policy setting from in-band provisioning to disable media traffic over IPv6 in Skype for Business or Lync 2013. (See my more detailed post here).

Continue reading ‘Lync 2013 / SfB 2015 Client Security Update – August 2015’ »

Sonus Third Party Presence

Posted by on

Hot off the press (as of July 2015) is v5 of Sonus’ SBC 1k/2k firmware, and its “Third Party Presence” feature.

I covered the new features in my last post, but wanted to particularly highlight this one as it’s quite ground-breaking.

I think the potential for this is vast: *any* call that’s going through the SBC can set a user’s presence:

  • A user who’s still on your PABX, only using SfB/Lync for IMs can still be showing as “in a call” when they’re on their PABX phone. (Yes, there’s possibly some overlap with SfB’s Call Via Work feature here – but this works on Lync 2013 as well!)
  • A remote user – perhaps an executive – calls in from their home phone – they’ll show as “in a call”
  • If you want to monitor calls to/from a given country, area code, partner organisation or even an individual, set the presence for a dummy user account you’re monitoring. (Awesome debugging tool or what?)
  • Want to know if there are any active calls to UM, SA or some other service?
  • See the presence each time the door intercom, paging trunk or boom gate is active

Continue reading ‘Sonus Third Party Presence’ »

Sonus SBC 1k/2k v5 firmware

Posted by on

It’s been not 9 months since the last major upgrade to the Sonus SBC 1k/2k family. v4 came out late last year and I wrote of its benefits in early December, in particular the shedding of the Java requirement for the real-time monitor.

Now v5 has landed, and it’s perhaps as impressive a leap as last time, if not more so.

I’ve had a chance to peruse the documentation, trawl the XML backup file and take it for a spin. Here’s the official list, as well as some extras I thought worthy of special mention:

  • ASM Enhancements – The ASM now supports images based on Microsoft Windows Server 2012R2
  • Skype for Business – Sonus SBC 1000/2000 is now certified for Microsoft’s Skype for Business
  • Third Party Skype/Lync Presence – The Third Party Skype/Lync Presence feature enables the status of non-Lync endpoints to be communicated on behalf of Lync Clients
  • NTTCom Support – Several enhancements are now included for NTTCom certifications
  • NFS Storage – The Sonus 1000/2000 provides storage for the Sonus SBC 1000/2000’s internal files
  • NAT Traversal/NTP Latching – The NAT Traversal/NTP Latching feature enables SIP endpoints that are behind NAT routers to register and communicate with the Sonus SBC 1000/2000
  • Split DNS – The SBC1000/2000 can now be configured to use a Primary DNS Server, a Secondary DNS Server, and a Domain Specific DNS Server (Split-DNS) to resolve FQDNs
  • Direct Media – Direct Media support for SIP-to-SIP calls enables SIP Signaling to go through the SBC 1000/2000 without media being passed through the SBC
  • Connected Name Support – Connected Name is now supported in SIP and QSIG ISDN. The SIP Connected Name is derived from the To header
  • Packet Capture – Packet Capture is a new diagnostic feature in the Sonus SBC 1000/2000, which captures IP traffic to troubleshoot problems, such as SIP, AD, etc
  • Easy Configuration – The Sonus SBC 1000/2000 Web interface now includes a built-in step-by-step setup Easy Configuration wizard, which enables end-users to quickly deploy SBC1000/2000 within a couple of minutes
  • Auto Configuration with BroadSoft Web Services – Sonus SBC 1000/2000 now enables configuration and and updating of SBC 1k/2k remotely from a BroadSoft Server, using SIP NOTIFY message
  • SIP Registration and Subscription WebUI – A new feature has been added to the Sonus SBC 1000/2000 to monitor selected SIP register and subscribe sessions
  • Initial Setup Enhancement – The Initial Setup Enhancement features provides the ability to configure Ethernet 2 in the Initial Setup, along with Additional Routes apart from the Default Route in the Initial Setup Page
  • Alarm and Event History – The Alarm/Event History display provides diagnostics and troubleshooting capabilities for the Sonus SBC 1000/2000 by rendering the latest alarms/events in the system
  • Maximum Call Duration – A maximum call talk timer will force-clear a long-held call

Continue reading ‘Sonus SBC 1k/2k v5 firmware’ »

SfB 2015 Topology Publish Failed

Posted by on

I was tinkering in the Lab recently creating a new Trusted App through PowerShell, and at the “Enable-CsTopology” step it failed with a less-than-helpful error:

ErrorInPowerShell-edit

Enable-CsTopology : Command execution failed: "1" error categories reported in topology document.
At line:1 char:1
+ Enable-CsTopology
+ ~~~~~~~~~~~~~~~~~     + CategoryInfo          : InvalidOperation: (:) [Enable-CsTopology], DeploymentException     + FullyQualifiedErrorId : ProcessingFailed,Microsoft.Rtc.Management.Deployment.ActivateTopologyCmdlet

Continue reading ‘SfB 2015 Topology Publish Failed’ »

Lync 2013 / SfB 2015 Client Update – July 2015

Posted by on

The latest client update is out: the July 14, 2015, update for Lync 2013 (Skype for Business) (KB3054946).

This one takes the Office 2013-based Lync/SfB client from 15.0.4727.1001 to 15.0.4737.1001.

What’s Fixed

  • Kb3076504 CPU usage is reduced by emoticon animations that are active in multiple conversations in Skype for Business or Lync 2013
  • Kb3072756 Update UI to better display presence information in Skype for Business when calendar is set to out of office
  • Kb3072755 Chinese Contact Group name is displayed in garbled characters in Skype for Business or Lync 2013
  • Kb3072754 Update user interface for group contact counts in contact lists in Skype for Business or Lync 2013
  • Kb3072753 Active Directory contact’s name is changed to the phone number in the contact list of Skype for Business or Lync 2013
  • Kb3072752 Typed characters take a long time to display in the message input box in Skype for Business or Lync 2013
  • Kb3072751 Add the click-to-call feature for RCC-enabled users from the contact card in Skype for Business or Lync 2013
  • Kb3072750 Update changes the text label from participant code to Conference ID in Skype for Business or Lync 2013

Continue reading ‘Lync 2013 / SfB 2015 Client Update – July 2015’ »

Lync 2013 Server Update – July 2015

Posted by on

July 10th saw an update to the Lync 2013 Server components. In a break with tradition, *every* installed component gets an update, so now they’re all at 5.0.8308.920. The reasoning for this is not yet clear.

What’s Fixed?

There are a handful of fixes, but lots of generic “improves the reliability, stability, and performance of…”.

  • Kb 3070715 RTCSrv.exe crashes when the process is selected in Resource Monitor tool in a Lync Server 2013 environment
  • Kb 3070718 CPU usage percentage of the RTCSrv.exe process is high on a Lync Server 2013 front-end server
  • Kb 3070721 Lync Server 2013 Front End service cannot check conference service availability
  • Kb 3051963 Lync Mobile Client call is dropped immediately when you dial 0 for an operator
  • Kb 3062801 Lost data when Lync Server 2013 directories move to Skype for Business
  • Kb 3070713 This cumulative update resolves an issue in which Lync Server 2013 response group usage report takes longer time to run
  • Kb 3070720 This cumulative update resolves an issue in which participants cannot see your video when you join an online meeting through B2BUA
  • Kb 3070717 This cumulative update resolves an issue in which call park orbit number is not displayed in Lync Server 2013

Continue reading ‘Lync 2013 Server Update – July 2015’ »

SfB 2015 Server Update – June 2015

Posted by on

We’ve hit another milestone with the arrival of the first update for the Skype for Business 2015 Server. This update takes the server to your choice of either 6.0.9319.45 (as described in the KBs) or 6.0.9319.55 (as described on the download link and visible in the image below).

What’s Fixed?

A few hot buttons have been addressed here:

  • Kb3069206 Exchange UM Auto Attendant can’t transfer call to phone/extension number in Skype for Business Server 2015 environment
  • Kb3068921 RTCHost.exe process persistently consumes many CPU resources on a Skype for Business Server 2015 Front End server
  • Kb3068926 Default presence configuration parameter is incorrect on a Skype for Business Server 2015 server
  • Kb3068920 The cumulative update resolves an issue in which Skype for Business Web App crashes
  • KB3068931 You cannot join a Skype for Business 2015 meeting when the server is deployed in Turkey system locale
  • KB3068932 “Device is not allowed to join” when you click a Skype for Business meeting URL on a Windows Phone 8.1 phone
  • Kb3068918 The cumulative update resolves an issue in which a call is disconnected when a user un-parks the call
  • Kb3068196 Call to a RGS number cannot be transferred to an available RGS agent in Skype for Business Server 2015-based client
  • Kb3068197 Skype for Business Server 2015 RGS agent receives a toast for a second call after agent accepts the first waiting call

Continue reading ‘SfB 2015 Server Update – June 2015’ »