Endpoint Vulnerability

Security Update for Microsoft Exchange Server

Description

This security update resolves vulnerabilites in Microsoft Exchange Server. The most severe of the vulnerabilities could allow information disclosure if an attacker sends a specially crafted image URL in an Outlook Web Access (OWA) message that is loaded, without warning or filtering, from the attacker-controlled URL.

Affected Products

Microsoft Exchange Server 2007,Microsoft Exchange Server 2010,Microsoft Exchange Server 2013,Microsoft Exchange Server 2016

References

CVE-2016-0028,