MS13-061: Vulnerabilities in Microsoft Exchange Server could allow remote code execution: August 13, 2013

<html><body><p>Resolves vulnerabilities in Microsoft Exchange Server that could allow remote code execution if a user on an affected Exchange server views a specially crafted file in an email attachment.</p><h2>INTRODUCTION</h2><div>Microsoft has released security bulletin MS13-061. To view the complete security bulletin, go to one of the following Microsoft websites: <ul><li>Home users:<br /><div><a href=“http://www.microsoft.com/security/pc-security/updates.aspx” target=“_self”>http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now: <div><a href=“http://update.microsoft.com/microsoftupdate/” target=“_self”>http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br /><div><a href=“http://technet.microsoft.com/security/bulletin/ms13-061” target=“_self”>http://technet.microsoft.com/security/bulletin/MS13-061</a></div></li></ul><h3>How to obtain help and support for this security update</h3>Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <br /><a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your computer Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <br /><a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a><br /><br /></div><h2>More Information</h2><div><h3>More information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.<ul><li><div><a href=“https://support.microsoft.com/en-us/help/2866475”>2866475 </a> Description of Update Rollup 2 for Exchange Server 2010 Service Pack 3</div></li><li><div><a href=“https://support.microsoft.com/en-us/help/2873746”>2873746 </a> Update Rollup 11 for Exchange Server 2007 SP3 is available</div></li><li><div><a href=“https://support.microsoft.com/en-us/help/2874216”>2874216 </a> Security issue that is described in Security Bulletin MS13-061 is resolved by an Exchange Server update</div><span>Known issues in update 2874216</span><br /><br /><span>Note </span>The following known issue is resolved with the re-release of the package that was issued on August 27.<ul><li>Microsoft is aware of problems with update 2874216 that affect Exchange Server 2013. The issue could cause Exchange Server to stop indexing mail on servers. Microsoft has removed the update from Windows Update and the Download Center. </li></ul></li></ul></div><h2></h2><div> <br /><br /> For more information, click the following article number to view the article in the Microsoft Knowledge Base:<br /><div><a href=“https://support.microsoft.com/en-us/help/2879739”>2879739 </a> Security fix MS13-061 breaks content index on Exchange Server 2013</div></div><h2></h2><div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>Exchange2007-KB2873746-x64-DE.msp</td><td>C46B9298D04F63AE6CCC93600943D3DB5970D2EF</td><td>AC9702743BB7BAD9C43ECD703E00C264EB623B2B7D914CB2F5720E5D8E22728D</td></tr><tr><td>Exchange2007-KB2873746-x64-EN.msp</td><td>5A3713C81E037014340C0F5E74BF176A9468576E</td><td>2BC62954D341D056445EFA3FC9FAAAF576A897D2562BC57793AC1A8251C1A162</td></tr><tr><td>Exchange2007-KB2873746-x64-ES.msp</td><td>1C63A2070A73F277A7CD15D9749CD05C188D3D48</td><td>9EAE4D6DD784B700E5D539D0BECE6FCE903DA010E408133DDAB625AE0713950D</td></tr><tr><td>Exchange2007-KB2873746-x64-FR.msp</td><td>5B042B73223F4BD8F5A90B3EB40C6219579F12C7</td><td>EC4A146D9C063FBBB4AAF213A2971714F7CF95E5C46C259C6B03937A79CD79A3</td></tr><tr><td>Exchange2007-KB2873746-x64-IT.msp</td><td>F2C3F0A7664CADC79AEAA6ADA84BCAA7B51BED19</td><td>6096B7F276AA787183BA172BD6DC1E48EC2222F51C29D07CCD753825D405670C</td></tr><tr><td>Exchange2007-KB2873746-x64-JA.msp</td><td>4F42290D73D69CD165A973762B4A30E81ED2A85C</td><td>45FFA3BCB76A105E23B9EBB65843FEDB9CA37C76C6644839D3EA35EF23F8705B</td></tr><tr><td>Exchange2007-KB2873746-x64-KO.msp</td><td>4D302195390A4F074076CF8DA67706A223FA950C</td><td>1A6C85F4312BC95754722A9DA525D4EDA6F28797B38F59734AF46E51D648B1E0</td></tr><tr><td>Exchange2007-KB2873746-x64-PT.msp</td><td>145099227DF30E08BC6082655CA36BBA4FAACA1B</td><td>A1551C1C894122B40794B64EB5E71545FD9A24C93B3C89C810CF319DFEAF7151</td></tr><tr><td>Exchange2007-KB2873746-x64-RU.msp</td><td>698D49D5893ACD01109B7E4B41B4CF5A3FB48386</td><td>6741F36DA6DF5625467B094EA5EB5974B1909613AFC6876AC3E17D116F0BAFD0</td></tr><tr><td>Exchange2007-KB2873746-x64-ZH-CHS.msp</td><td>4D89EFC6E098160BC82EA1DB49C6A90120573771</td><td>6ACC4971D51F6032624CACA4745C655E89EBD65BFE52416605C77A515CE234DF</td></tr><tr><td>Exchange2007-KB2873746-x64-ZH-CHT.msp</td><td>5654877B73B5A656E1C70E652A6A32EC9F85DBBE</td><td>704324480793AD71C82E55FF8EC6257A0EBF8F27A47D94FDF198BE018A02A80C</td></tr><tr><td>Exchange2007-KB2873746-x86-DE.msp</td><td>A0142007FB7981BD07E07B6C3F1CA36A0B4EDA56</td><td>097C9188E8E569B573CE6B775649A583FCF3246E50FDDEB34AB31F498866AAE3</td></tr><tr><td>Exchange2007-KB2873746-x86-EN.msp</td><td>1B3ED4A07B34A0EF272B1AA0D53A46DC0DFE22FA</td><td>0C165ACB8CF2EC4A627F91FF6E528233573A1D82283D0C7EC84530135FFF1FD2</td></tr><tr><td>Exchange2007-KB2873746-x86-ES.msp</td><td>7450006FA458264D2FFE21AAA2B9FB82C3A0BF7A</td><td>98517F6FDBC13E63F01272519D42488B959B601F32FADBFFF6C401904D116E06</td></tr><tr><td>Exchange2007-KB2873746-x86-FR.msp</td><td>0C882B65F5A6FEF8841547B051E92B0703961220</td><td>32BEEF114B44F3630ED005695B9CF3E5E58FB0931BCB2926AAC66D5E49CCA71D</td></tr><tr><td>Exchange2007-KB2873746-x86-IT.msp</td><td>FD79F6F11318DBFC5B3B9437231CDF6232168DF9</td><td>DDFAB680345AC7B858991AB15B3228F01C2C5AE29B4114C881439A28D62BD1D5</td></tr><tr><td>Exchange2007-KB2873746-x86-JA.msp</td><td>E3E9ED810896A29DF5B6BA8EB976728A252F8A9B</td><td>91BA2A69A2E981CCB673D90EA448DC6A6F00FA7137CDE4C1830AC2511B003A2A</td></tr><tr><td>Exchange2007-KB2873746-x86-KO.msp</td><td>7F26E037BF71CCD90579421ADE24146A7CB7A9C2</td><td>CBF4054ABBF0CF28368ADCBD5BF097F0DD88D8E7CDCE050295D5C305F2723EE2</td></tr><tr><td>Exchange2007-KB2873746-x86-PT.msp</td><td>3A6F4D1D4E206ED8BE14BF9DE1382831DE7AAB51</td><td>8355D3B780CEE2E61F7BB034D2212FC81C05EFA0BF17791ED9BB2E8201691A3A</td></tr><tr><td>Exchange2007-KB2873746-x86-RU.msp</td><td>BFF670D647AD4B9296EE02F581E0789A8C379868</td><td>B9188F69431CB80B5227EEAB06DC3027CC48A18CBC26C0154D217C7AF908E1B5</td></tr><tr><td>Exchange2007-KB2873746-x86-ZH-CHS.msp</td><td>B61D8DAAE2D221DD5BA656E2F6202D61D4F9AC11</td><td>605B59F047CEBBAF09BE06E3B1F3E2BA01931BA474301F2F26BFECA5A1C889B8</td></tr><tr><td>Exchange2007-KB2873746-x86-ZH-CHT.msp</td><td>7D2C0E1FE179934344FC492CF9AA4BFD5D9F2D36</td><td>688899072DE577E69DC777E87C1E42ABDAE322A33E4F80564FEB7EE06FC528D9</td></tr><tr><td>Exchange2010-KB2866475-x64-ar.msp</td><td>1AF387255597474F90D05492D3066F47DF3C6EBF</td><td>E51D4947F25829BF826D72122E4FCB342B2A696DAA8613FF1A205B8713180D00</td></tr><tr><td>Exchange2010-KB2866475-x64-de.msp</td><td>17E466E3FC82FF291052141313A9D5C11E8E1DD1</td><td>554FC11169949FDDF09E20707F3EF92D2B227DD5CD0A34C17C245744FE57E884</td></tr><tr><td>Exchange2010-KB2866475-x64-en.msp</td><td>3DF411FF7F1F9334A063DBC6A1EDFB49CDE781D6</td><td>8D22C4C58367F238DB528CF1DB9A025DBA3F8E04928BFC28AF41BAAA48361FBB</td></tr><tr><td>Exchange2010-KB2866475-x64-es.msp</td><td>E572FDF12CCD19B26416AA19B7DC43291C67F507</td><td>BBF625E9DC087E2F4C58992BA276032ACB42777A9143C50B96ED6AC43D797AC7</td></tr><tr><td>Exchange2010-KB2866475-x64-fr.msp</td><td>E628AA9F5F2BCD404270DEAB489C9EA358385F6D</td><td>DAE40CA12617448AC15E47AA1A214A4C2B2DD2BD2C03787857512D2BBB2B35B9</td></tr><tr><td>Exchange2010-KB2866475-x64-he.msp</td><td>74E584F6B47C3CD929806ABC044DAA7250CFECA6</td><td>DA66775213195FD8F5EC308E184A1A23E0280EE9F01D13153D3C32776A6EE568</td></tr><tr><td>Exchange2010-KB2866475-x64-it.msp</td><td>E03E268ABFFD90D08B94EF039F1BDC30D30A344C</td><td>54AFDEB0A66A22D5CF2CD90E39D44698DA4322977850D441C377BA6F2498D0F2</td></tr><tr><td>Exchange2010-KB2866475-x64-ja.msp</td><td>AF47EC2B4150482DA36BBFF14BE5B463772C7ABA</td><td>0D63C6E085D9CBE46401E10A43C06CF7AC908D803928691430FA9F5EA84572F7</td></tr><tr><td>Exchange2010-KB2866475-x64-ko.msp</td><td>BC25592A9A8788B3E6365E249C3336AF80B85BE3</td><td>8F8893036F62A74BEC3C60D248AF71AF642CDE0B39D62E0416FDDBDA4BE160E4</td></tr><tr><td>Exchange2010-KB2866475-x64-pt.msp</td><td>2C1D28810A08EC0B361BB183C7B8F9EFBD6BD73F</td><td>D9D7296085055176F2E710FC06875989FF1A12932704B8D6148E4E3B55304428</td></tr><tr><td>Exchange2010-KB2866475-x64-ru.msp</td><td>88B382EDF4FD57A432F72698595A3E22354BBB81</td><td>DB872A7F2E9DD7B5581E8B611024B2CEF9AC6F6295AAAB28DB785EED5481576B</td></tr><tr><td>Exchange2010-KB2866475-x64-zh-hans.msp</td><td>D2C2C89837CCC32C930B99405345D01AA9329BCB</td><td>6E0F7F6FD5A179A34F6FF5597B0D62F8FF9984A2FACFAF9FD461D9CA69E247F4</td></tr><tr><td>Exchange2010-KB2866475-x64-zh-hant.msp</td><td>0F1160F875242B4215113C99B2AD2CCFFCB1D5DF</td><td>07812CEE547925D78F83D195CC3D6C21BDD83060E496757E86B7DBEFBBBD3AA5</td></tr><tr><td>Exchange2010-KB2874216-x64-ar.msp</td><td>72F746400A0C57FB7ED5D4DF49FE7E1C0C0494DA</td><td>23BC42C29CD6A7A2F1235975A79A94AB3A86E912917CD0895D19AECB115C2760</td></tr><tr><td>Exchange2010-KB2874216-x64-de.msp</td><td>0B8FADEB9451E1F90B39E815E0DE47D0E9016246</td><td>4C1376A6B88A8641C7DB975562FD683A49D360FB2B0A2CE83F4517D111E2C77A</td></tr><tr><td>Exchange2010-KB2874216-x64-en.msp</td><td>F2B8520A57ABBF9C2262A4ECC0B9884E202F7B2B</td><td>7C9DCD022FD80759D284767B45322EB44455F877B348D11F0D080577DF7D63FF</td></tr><tr><td>Exchange2010-KB2874216-x64-es.msp</td><td>04ECB146B9CDF7F8D2E237D73EE9B9065E575028</td><td>B106DEB7CBD1399C37D6225CA33DB5F584BEDD6CBDDAF11E723C3521E6B8430D</td></tr><tr><td>Exchange2010-KB2874216-x64-fr.msp</td><td>058F386B43D3083960F4A153A1AF2A4410729890</td><td>DEB8CD38649F3EEF2D4E061ADC7DBC576FEEA54009422BDF9CE4436CB98F8D28</td></tr><tr><td>Exchange2010-KB2874216-x64-he.msp</td><td>A5BC1AEC083BC8D1B23DC09E30FE8A2F534738D3</td><td>ED6B88782CEEA568BC12344B1CA40A0A9BDED94978B30F96E2971841B0634944</td></tr><tr><td>Exchange2010-KB2874216-x64-it.msp</td><td>B6E14B4C33391DF2D87571CE3ECF391B9AED56FB</td><td>04DEF7B8F0D3AA825BFBB07DE7374905DB856D9F579D6C3841459707184C421A</td></tr><tr><td>Exchange2010-KB2874216-x64-ja.msp</td><td>64EB764A947CE3590769CDA19C4FBD4C259D3AFC</td><td>2ECE817133AE877478A5A86E63AA661ACCF0BC6C7768A90584DF8980A69F28FD</td></tr><tr><td>Exchange2010-KB2874216-x64-ko.msp</td><td>574FBC438891B8DB4286D1B2EDC02EEB55AE31D1</td><td>C7069668B29761590ADB3B48C29058F0A1CD76222FB9F83E65B598BA6624D030</td></tr><tr><td>Exchange2010-KB2874216-x64-pt.msp</td><td>08FD6768D0382B862C5C0327FB1E1330C754BC6E</td><td>099F75BD692D7C866EC7706D90EF3554B755D3C30F892240AF8D42D223CBA9C7</td></tr><tr><td>Exchange2010-KB2874216-x64-ru.msp</td><td>3112046A997D63A591D1EF2C95102FF95D38325A</td><td>36F655AD1D1D85713884D5E013FC6EF3D08280FBF0069D49291A3FDF8E3F1B43</td></tr><tr><td>Exchange2010-KB2874216-x64-zh-hans.msp</td><td>37B01D58FEE84BD551929CD93CAAC8EFA2A62716</td><td>68A6B0D5B75224AB39646E1374FC72DEC98AA55133C2AE95691F335CAF41C190</td></tr><tr><td>Exchange2010-KB2874216-x64-zh-hant.msp</td><td>408317E8D53D9F045C189FE41DB99B44E4F8B160</td><td>5EA110B208E3735CC8CBFA1F73AC0FA227E27F750387DF4842AFCDD71D8F0426</td></tr><tr><td>Exchange2013-KB2874216-x64-de.msp</td><td>147B0F1A839D5CCEDE4990124F8EF1A3B44D1E49</td><td>72B305E2B538E0EA2467A0EB4824FA72A590967842608DA4985E37F556C0FF4D</td></tr><tr><td>Exchange2013-KB2874216-x64-en.msp</td><td>8583A9CD09891B8BCD3549401E1080E8116CF5FC</td><td>2D79C7118E70FF649E3DE1DC947F9E0F82382492BF45343D64AB8357B48F7EF3</td></tr><tr><td>Exchange2013-KB2874216-x64-es.msp</td><td>34CD94E4AD2D8F5772BB3F37AD707B7D6D874185</td><td>9EA85D7EFE5953461DECAF7B131F4A1B1421D022F047D435680DB5B26773D4AC</td></tr><tr><td>Exchange2013-KB2874216-x64-fr.msp</td><td>B0D2BF24343F8C9AB40999A538E40486763E8794</td><td>14BBE4AA60E505755599F49D25B21EE583DE704A07589C82EB26CA6D1455A2AA</td></tr><tr><td>Exchange2013-KB2874216-x64-it.msp</td><td>31B05B673D1D201797EB3BBEE66A80CAC1B9AE34</td><td>DCDB41C718F6EA36649C4C95B00DAB11A3B6377AA1A7475E193E3C45B0CA7A69</td></tr><tr><td>Exchange2013-KB2874216-x64-ja.msp</td><td>609D84434F7F7DB1C7C0974270B6BF5A5992872D</td><td>322F591F4E07BE28508434F5695B25BB593C2498A1D9ACCB558174D88FDA8EAB</td></tr><tr><td>Exchange2013-KB2874216-x64-ko.msp</td><td>5C0BF21F8255B83C4317EC3DB6C099095DAA8391</td><td>016FF15AFA20414849E724E181F0C2B2A79F3AB9D409D5CA6D729320B2046C53</td></tr><tr><td>Exchange2013-KB2874216-x64-pt.msp</td><td>FF5343C073C842B5481E41ABBD5CDFA8574E6C78</td><td>872F4834F23ACE739C3971D6200F459713B38DC04DFA1A15C96AE77DA4339703</td></tr><tr><td>Exchange2013-KB2874216-x64-ru.msp</td><td>A8D08C72ACB979C10635D1E4A112224AF548D321</td><td>CEE31FCD98AB10C6488BD7849E764DA87CC356B4ED9E0F913A185E418640EED8</td></tr><tr><td>Exchange2013-KB2874216-x64-zh-hans.msp</td><td>84529CDB2286361BEC28E19743A53D31974953BC</td><td>AC4B2BF76EF0D5473A27C3EFBE93856AB48911388899CD91A218B670D01701B8</td></tr><tr><td>Exchange2013-KB2874216-x64-zh-hant.msp</td><td>8DB3622EA802747A16D08E06F854FBB6FC8F81DE</td><td>7993F1421918D1506E1E4CD9DB86FADEC736404FC8D6C2AD3D2FCE80AA446FC8</td></tr></table></div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>Exchange2013-KB2874216-x64-de.msp</td><td>8ADEA74979B64DEEB9D2F9F996F69AD83D80742F</td><td>5AD0A7A920B6846645E9B0619E8CD6CFB8C7B3A56684F31E24025DAA31883F2D</td></tr><tr><td>Exchange2013-KB2874216-x64-en.msp</td><td>109D02A1714D46C9FCDCC471E0863C61B4CC57BF</td><td>36359C6CF5245FE856E19999032A298AB00B917739A07C6B4D95A397E39DC4D5</td></tr><tr><td>Exchange2013-KB2874216-x64-es.msp</td><td>2E5D91C93597E77039FBE8FAEA33A6DC8C939047</td><td>B457137C0DFCAB506715CF24DECA855B413D02027A4B5699D1225FD0D53F1336</td></tr><tr><td>Exchange2013-KB2874216-x64-fr.msp</td><td>69B5B02B37009954F2FC12607073403F9B8BD574</td><td>C7765052BD727BA02F37ADF938EB0D9DAB6CA5198F4727CD32E40435801C3B11</td></tr><tr><td>Exchange2013-KB2874216-x64-it.msp</td><td>A0273AD16A1F0E5F40EF628671560139A32FB7CD</td><td>BB82517F906B9F11BDB327144F32DE3B8E2F639A1131A84198C4A944B5E2020E</td></tr><tr><td>Exchange2013-KB2874216-x64-ja.msp</td><td>4B68849BFDC9BD6EE2987E31A76E3E61071AEF40</td><td>ABBD9A729C5819C419F456B105CEC3237BD06BD644FA39A26F59C226E45440E4</td></tr><tr><td>Exchange2013-KB2874216-x64-ko.msp</td><td>8BED42399A5AA85414028944CA2A5839E05A16D3</td><td>03F657DEA7090696B0BFBE3D8D4AD0F7DE87AC3D95956EAEBC4DCBF88100A3EA</td></tr><tr><td>Exchange2013-KB2874216-x64-pt.msp</td><td>F8D573AF40E6D36C985AB278B085A01B70D46601</td><td>642D1E53B3C298F129F13FC16A918AB30E903C7F6C6C174B8EE92C0009BD7301</td></tr><tr><td>Exchange2013-KB2874216-x64-ru.msp</td><td>B5EF3E575253246A81FA70A364DF668A219C90D2</td><td>9D491A7301E58E8A6CA34EEA2FC3C759C2C324194F7F775C9E5468E47D79B582</td></tr><tr><td>Exchange2013-KB2874216-x64-zh-hans.msp</td><td>757CD3D2E4A617F234DD5B2C6B2C7F75271D5D9B</td><td>0183ACA28B94A76743389D8F1362463BAD68FAADD2851784C3A48ED51FC01861</td></tr><tr><td>Exchange2013-KB2874216-x64-zh-hant.msp</td><td>B22F1E64B39CE9F7274C839295F23075D0CE56D1</td><td>ED9832E80D1633FF0429A5EF8184026B825D4E7546788D529B7B49D26B770CE0</td></tr></table></div></div><br /></span></div></div></div></div></body></html>