Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4013242
HistoryMar 14, 2017 - 12:00 a.m.

MS17-015: Security Update for Microsoft Exchange Server: March 14, 2017

2017-03-1400:00:00
Microsoft
support.microsoft.com
19

EPSS

0.004

Percentile

74.4%

JSON

<html><body><p>Resolves a vulnerability in the Microsoft Exchange Outlook Web Access (OWA).</p><h2>Summary</h2><div>This update resolves a vulnerability in the Microsoft Exchange Outlook Web Access (OWA). <span>The vulnerability could allow remote code execution in Exchange Server if an attacker<em><span> </span></em>sends an email that includes a specially crafted attachment to a vulnerable Exchange server</span>. To learn more about this vulnerability, see <a href=“https://technet.microsoft.com/library/security/ms17-015” target=“_self”>Microsoft Security Bulletin MS17-015</a>.</div><h2></h2><span>Important</span><ul><li>All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update <a href=“https://support.microsoft.com/en-us/help/2919355” target=“_self”>2919355</a> to be installed. We recommend that you install update <a href=“https://support.microsoft.com/en-us/help/2919355” target=“_self”>2919355</a> on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.</li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a href=“https://technet.microsoft.com/en-us/library/hh825699” target=“_blank”>Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following article contains additional information about this security update as it relates to individual product versions. The article may contain known issue information.</span></div><ul><li><span><span><a href>4012178</a> MS17-015: Description of the security update for Exchange Server 2016 and Exchange Server 2013: March 14, 2017</span></span></li></ul><h2>Security update deployment information</h2><h3><strong>Microsoft Exchange Server 2013</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“28%”><p><strong>Inclusion in future service packs</strong></p></td><td width=“71%”><p>The update for this issue will be included in a future service pack or update rollup.</p></td></tr><tr><td width=“28%”><p><strong>Security update file name</strong></p></td><td width=“71%”><p>For Microsoft Exchange Server 2013 Service Pack 1 and Microsoft Exchange Server 2013 Cumulative Update 14:<br /><strong>Exchange2013-KB4012178-x64-en.msp</strong></p></td></tr><tr><td width=“28%”><p><strong>Installation switches</strong></p></td><td width=“71%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“28%”><p><strong>Restart requirement</strong></p></td><td width=“71%”><p>In some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.</p></td></tr><tr><td width=“28%”><p><strong>Update log file</strong></p></td><td width=“71%”><p>KB4012178.log</p></td></tr><tr><td width=“28%”><p><strong>Removal information</strong></p></td><td width=“71%”><p>Use the <strong>Add or Remove Programs</strong> item in Control Panel.</p></td></tr><tr><td width=“28%”><p><strong>File information</strong></p></td><td width=“71%”><p>See <a href=“https://support.microsoft.com/kb/4012178”><u>Microsoft Knowledge Base article 4012178</u></a></p></td></tr><tr><td width=“28%”><p><strong>Registry key verification</strong></p></td><td width=“71%”><p>For supported editions of Microsoft Exchange Server 2013:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2013\KB4012178</p></td></tr></tbody></table><p> </p><h3><strong>Microsoft Exchange Server 2016</strong></h3><p><strong>Reference table</strong></p><p>The following table contains the security update information for this software.</p><table><tbody><tr><td width=“28%”><p><strong>Inclusion in future service packs</strong></p></td><td width=“71%”><p>The update for this issue will be included in a future service pack or update rollup.</p></td></tr><tr><td width=“28%”><p><strong>Security update file name</strong></p></td><td width=“71%”><p>For Microsoft Exchange Server 2016 Cumulative Update 3:<br /><strong>Exchange2016-KB4012178-x64-en.msp</strong></p></td></tr><tr><td width=“28%”><p><strong>Installation switches</strong></p></td><td width=“71%”><p>See <a href=“https://support.microsoft.com/kb/934307”><u>Microsoft Knowledge Base article 934307</u></a></p></td></tr><tr><td width=“28%”><p><strong>Restart requirement</strong></p></td><td width=“71%”><p>In some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system.</p></td></tr><tr><td width=“28%”><p><strong>Update log file</strong></p></td><td width=“71%”><p>KB4012178.log</p></td></tr><tr><td width=“28%”><p><strong>Removal information</strong></p></td><td width=“71%”><p>Use the <strong>Add or Remove Programs</strong> item in Control Panel.</p></td></tr><tr><td width=“28%”><p><strong>File information</strong></p></td><td width=“71%”><p>See <a href=“https://support.microsoft.com/kb/4012178”><u>Microsoft Knowledge Base article 4012178</u></a></p></td></tr><tr><td width=“28%”><p><strong>Registry key verification</strong></p></td><td width=“71%”><p>For supported editions of Microsoft Exchange Server 2016:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2016\KB4012178</p></td></tr></tbody></table><h2>How to obtain help and support for this security update</h2><div>Help for installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”><u>Windows Update FAQ</u></a><br /><br />Security solutions for IT professionals: <a href=“https://technet.microsoft.com/security/bb980617.aspx” target=“_self”><u>TechNet Security Support and Troubleshooting</u></a><br /><br />Help for protecting your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”><u>Microsoft Secure</u></a><br /><br />Local support according to your country: <a href=“https://www.microsoft.com/en-us/locale.aspx” target=“_self”><u>International Support</u></a></div></body></html>

Related

nvd 1
cve 1
openvas 1
mscve 1
nessus 1
cvelist 1
kaspersky 1
symantec 1
mskb 1
prion 1
nvd
nvd
CVE-2017-0110
2017-03-17 00:59:02
cve
cve
CVE-2017-0110
2017-03-17 00:59:02
openvas
openvas
Microsoft Exchange Server Remote Privilege Escalation Vulnerability (4013242)
2017-03-15 00:00:00
mscve
mscve
Microsoft Exchange Server Elevation of Privilege Vulnerability
2017-03-14 07:00:00
nessus
nessus
MS17-015: Security Update for Microsoft Exchange Server (4013242)
2017-03-15 00:00:00
cvelist
cvelist
CVE-2017-0110
2017-03-17 00:00:00
kaspersky
kaspersky
KLA10982 Privilege escalation vulnerability in Microsoft Exchange Server
2017-03-14 00:00:00
symantec
symantec
Microsoft Exchange Server CVE-2017-0110 Remote Privilege Escalation Vulnerability
2017-03-14 00:00:00
mskb
mskb
MS17-015: Description of the security update for Exchange Server 2016 and Exchange Server 2013: March 14, 2017
2017-03-14 07:00:00
prion
prion
Cross site scripting
2017-03-17 00:59:00

EPSS

0.004

Percentile

74.4%

JSON
Related for KB4013242
nvd1cve1openvas1mscve1nessus1cvelist1kaspersky1symantec1mskb1prion1