SfB 2016 Client Security Update – December 2015

This week’s security update also covers the Office 2016 client for SfB.

Kb3114372: “MS15-128: Description of the security update for Skype for Business 2016: December 8, 2015

This security update resolves vulnerabilities in Skype for Business 2016 that could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS15-128.

For a complete list of affected software, see Microsoft Knowledge Base article 3104503.

What’s Fixed

This security update also contains fixes for the following nonsecurity issues:

  • Kb3114303 App sharing sessions fails in Skype for Business 2016 when the transport thread is busy
  • Kb3114299 Media setup may fail and all media diagnostics information is missing in Skype for Business 2016

What’s New / Changed

This security update contains the following improvement:

  • Renames the “Add-Ins” string to the “Add-ins” string for consistency.

Known Issues

None documented.

Pre-Req’s

None!

Download

This is the client fix itself:

  • x86 (lync2016-kb3114372-fullfile-x86-glb.exe)
  • x64 (lync2016-kb3114372-fullfile-x64-glb.exe)

Before / After

I’m running the Professional Plus ISO-based install of Office 2016 and the patch was deemed not applicable:

Before

After

SfB 16.0.6001.1038
SfB2016-Client-Dec2015SecurityUpdate-Before SfB2016-Client-Dec2015SecurityUpdate-NotRequired

 

Revision History

9th December 2015: This is the initial post

 
– G.

3 Comments

  1. “I’m running the Professional Plus ISO-based install of Office 2016 and the patch was deemed not applicable”

    How is this possible, that a security/bugfix patch is not applicable to some kind of client installation, even if indeed the installed client is older than the patch?
    Is it not applicable to Sfb2016 Basic client as well?

Leave a Reply

Your email address will not be published. Required fields are marked *

... and please just confirm for me that you're not a bot first: Time limit is exhausted. Please reload the CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.