Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS13-041: Vulnerability in Lync could allow remote code execution: May 14, 2013


View products that this article applies to.

INTRODUCTION

Microsoft has released security bulletin MS13-041. To view the complete security bulletin, visit the following Microsoft website: 

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

↑ Back to the top


Known issues with this security update

Each security update that is addressed in this bulletin requires that the latest publicly released cumulative update for the affected software is installed before you apply the update. If you install an update through Microsoft Update, the appropriate cumulative update will be automatically installed together with the security update.

However, if you plan to apply an update manually by downloading it from the Microsoft Download Center, you should be aware that the Lync Server Update Installer on Microsoft Download Center page will automatically install previous Cumulative Updates (CU) for all Lync Servers. See the following table for product-specific links for obtaining the cumulative updates for manual installations.

Affected SoftwareDownload Page for Latest Cumulative Update
Microsoft Office Communicator 2007 R2
(2827753)
Updates Resource Center for Office Communications Server 2007 R2 and Clients
Microsoft Lync 2010 (32-bit)
(2827750)
Updates resource center for Lync 2010
Microsoft Lync 2010 (64-bit)
(2827750)
Updates resource center for Lync 2010
Microsoft Lync 2010 Attendee
(admin level install)
(2827752)
Updates resource center for Lync 2010
Microsoft Lync 2010 Attendee
(user level install)
Updates resource center for Lync 2010
Microsoft Lync Server 2013
(2827754)
Updates resource center for Lync Server 2013

↑ Back to the top


Known issues and additional information about this security update




The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.


  • 2827750  MS13-041: Description of the security update for Lync 2010: May 14, 2013

    Known issues in security update 2827750:
    • When you install an update for Lync 2010, you are not prompted to close the application (Lync 2010). All ongoing conversations and conferences will be stopped in order to install the update successfully. The user must manually start Lync 2010 after the installation procedure is complete.
  • 2827751  MS13-041: Description of the security update for Lync 2010 Attendee (user level install): May 14, 2013 
  • 2827752  MS13-041: Description of the security update for Lync 2010 Attendee (Administrator level installation): May 14, 20103 
  • 2827753  MS13-041: Description of the security update for Office Communicator 2007 R2: May 14, 2013 
  • 2827754  MS13-041: Description of the security update for Lync 2013 Web Access: May 14, 2013 
File hash information
File nameSHA1 hashSHA256 hash
AttendeeAdmin.msp483A85ABA820006A2F642E77DDC083ABB2FF14A28D807454AE8F333E8358578F8AD9884900004B22446643538CFBF6D80BC93160
AttendeeUser.msp24E2839B67D7954304655BCD2C25E4528F59D82CDCBC634F4E81680C71A2E6BE84F0A06E302B7E8F9770171052FBC38CBA1ECDF7
communicator.mspF5CFA0F71F59F54FEC7C58353CA094A6B544A9891DD50B2BB349042475587CEE70C82D5E45BD706DCB04F031F394FC7935BD0934
WebComponents.mspB822432792D2433F5CA868B066CC0F63BA2DFF8F409411B9747F91FE326DB9842C6D661A85A5568E782DCFF5E6C5740BD99363DC
lync.msp3CEA167A2B959B122FE18CF815CC8336BD839FB90961ADDEEE21410F9675B50E97FB2780ADB2FCD68BAA0ECBB22CB3DE904793C8
lync.mspAA540608DB00295ADEE6349AE25FA8D1798862792B91865EEDBDBE694CC9633BC229DAC0728E9A0932F30DF6D5E2754F54847811

↑ Back to the top


Keywords: kbsurveynew, kbfix, kbbug, kbsecvulnerability, kbsecreview, kbmustloc, kbsecurity, kbqfe, kb, kblangall, kbexpertiseinter, kbsecbulletin

↑ Back to the top

Article Info
Article ID : 2834695
Revision : 1
Created on : 1/7/2017
Published on : 5/14/2013
Exists online : False
Views : 389