Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS16-108: Security update for Exchange Server: September 13, 2016


View products that this article applies to.

Summary

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In Libraries that are built into Exchange Server. This issue might occur if an attacker sends an email message with a specially crafted attachment to a vulnerable Exchange Server computer. To learn more about this vulnerability, see Microsoft Security Bulletin MS16-108.

↑ Back to the top


More information about this security update

The following articles contain more information about this security update as it relates to individual product versions.
  • 3184736 MS16-108: Description of the security update for Exchange Server 2016 and Exchange Server 2013: September 13, 2016
  • 3184728 MS16-108: Update Rollup 15 for Exchange Server 2010 Service Pack 3: September 13, 2016
  • 3184711 MS16-108: Update Rollup 21 for Exchange Server 2007 Service Pack 3: September 13, 2016

↑ Back to the top


Security update deployment information

Microsoft Exchange Server 2007

Reference table

The following table contains the security update information for this software.
Inclusion in future service packsThe update for this issue will be included in a future service pack or update rollup
Security update file nameFor Microsoft Exchange Server 2007 Service Pack 3 :
Exchange2007-KB3184711-x64-EN.msp
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Update log fileKB3184711.log
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 3184711
Registry key verificationFor Microsoft Exchange Server 2007 Service Pack 3:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2007\SP2\KB3184711

Microsoft Exchange Server 2010

Reference table

The following table contains the security update information for this software.
Inclusion in future service packsThe update for this issue will be included in a future service pack or update rollup
Security update file nameFor Microsoft Exchange Server 2010 Service Pack 3:
Exchange2010-K3184728B-x64-en.msp
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Update log fileK3184728B.log
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 3184728
Registry key verificationFor Microsoft Exchange Server 2010 Service Pack 3:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2010\SP3\KB3184728B

Microsoft Exchange Server 2013

Reference table

The following table contains the security update information for this software.
Inclusion in future service packsThe update for this issue will be included in a future service pack or update rollup
Security update file nameFor Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2013 Cumulative Update 12, and Microsoft Exchange Server 2013 Cumulative Update 13:
Exchange2013-KB3184736-x64-en.msp
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Update log fileKB3184736.log
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 3184736
Registry key verificationFor supported editions of Microsoft Exchange Server 2013:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2013\KB3184736

Microsoft Exchange Server 2016

Reference table

The following table contains the security update information for this software.
Inclusion in future service packsThe update for this issue will be included in a future service pack or update rollup
Security update file nameFor Microsoft Exchange Server 2016 Cumulative Update 1, and Microsoft Exchange Server 2016 Cumulative Update 2:
Exchange2016-KB3184736-x64-en.msp
Installation switchesSee Microsoft Knowledge Base Article 934307
Restart requirementIn some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.
Update log fileKB3184736.log
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 3184736
Registry key verificationFor supported editions of Microsoft Exchange Server 2016:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2016\KB3184736

How to get help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

↑ Back to the top


References

Third-party information disclaimer
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

↑ Back to the top


Keywords: kb, kbsecvulnerability, kbsecurity, kbsecreview, kbsecbulletin, kbmustloc, kblangall, kbfix, kbexpertiseinter, kbbug, atdownload

↑ Back to the top

Article Info
Article ID : 3185883
Revision : 1
Created on : 1/7/2017
Published on : 9/13/2016
Exists online : False
Views : 419