Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4025865
HistorySep 12, 2017 - 7:00 a.m.

Description of the security update for Lync 2010: September 12, 2017

2017-09-1207:00:00
Microsoft
support.microsoft.com
26

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.099 Low

EPSS

Percentile

94.7%

JSON

Description of the security update for Lync 2010: September 12, 2017

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-8676, Microsoft Common Vulnerabilities and Exposures CVE-2017-8695, and Microsoft Common Vulnerabilities and Exposures CVE-2017-8696.

Note To apply this security update, you must have the release version of Lync 2010 installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: September 12, 2017.

Security update replacement information

This security update replaces previously released security update KB 4020732.

File hash information

Package Name Package Hash SHA 1 Package Hash SHA 2
(X64) Lync.msp E5482FB57932ED642B0D4EDF745A8D741D639675 2AA0B6380D65529FE3DFFF61B6E96375326C761013C7DDC0416EB2D004B5422A
(x86) Lync.msp 46C2AB221B859F4EE5C183307EF37EDBE46E80E3 F16D716E7E84963898AAD108B35913B73EA9AC73D26784CE4DBA3243653ABDDC

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.For all supported x86-based versions of Lync 2010| File name| File version| File size| Date| Time| Platform
—|—|—|—|—|—
Appshapi.dll| 4.0.7577.4409| 1,141,920| 25-Sep-2013| 20:01| x86
Appshcom.dll| 4.0.7577.4409| 282,272| 25-Sep-2013| 20:01| x86
Appshvw.dll| 4.0.7577.4388| 1,896,600| 11-Apr-2013| 21:27| x86
Autohelper| 4.0.7577.253| 38,672| 31-Mar-2011| 08:45| Not applicable
Communicatorexe| 4.0.7577.4540| 12,120,104| 15-Aug-2017| 20:48| x86
Crecplayerresexe| 4.0.7577.4403| 600,224| 20-Jul-2013| 01:04| x86
File_communicator.exe.manifest| Not applicable| 1,185| 23-Mar-2013| 03:08| Not applicable
File_cures.dll| 4.0.7577.4456| 686,376| 28-Oct-2014| 01:35| x86
File_meetingjoinaxoc| 4.0.7577.4540| 52,784| 15-Aug-2017| 20:46| Not applicable
File_npmeetingjoinpluginoc.dll| 4.0.7577.4540| 33,336| 15-Aug-2017| 20:46| x86
File_ucaddin.dll| 4.0.7577.4445| 910,632| 14-Apr-2014| 21:09| x86
Ocpptview.dll| 4.0.7577.4540| 2,073,120| 15-Aug-2017| 20:46| x86
Ocpubmgrexe| 4.0.7577.4403| 2,371,744| 20-Jul-2013| 01:05| x86
Ocrecdll| 4.0.7577.4403| 791,704| 20-Jul-2013| 01:05| x86
Ogl.dll| 4.0.7577.4540| 1,712,152| 15-Aug-2017| 20:46| x86
Playback_annotationcontrols_dll| 4.0.7577.4087| 340,840| 25-Mar-2012| 02:42| x86
Playback_annotationtextmerge_dll| 4.0.7577.4087| 172,840| 25-Mar-2012| 02:42| x86
Playback_coreplaybackengine_dll| 4.0.7577.4087| 1,358,632| 25-Mar-2012| 02:40| x86
Playback_logging_dll| 4.0.7577.4087| 167,768| 25-Mar-2012| 02:42| x86
Playback_oc3playbackapplication_dll| 4.0.7577.4087| 163,632| 25-Mar-2012| 02:42| x86
Playback_uc_ui_utilities_dll| 4.0.7577.4087| 166,232| 25-Mar-2012| 02:42| x86
Psomdll| 4.0.7577.4504| 783,896| 14-Jun-2016| 07:34| x86
Rtmpltfm_dll| 4.0.7577.4540| 6,418,448| 15-Aug-2017| 20:46| x86
Saext.dll| 4.0.7577.253| 319,752| 31-Mar-2011| 08:43| x86
Sqmapidll| 6.0.6000.16386| 141,064| 10-Feb-2011| 11:28| x86
Uccp_dll| 4.0.7577.4456| 5,958,952| 28-Oct-2014| 01:38| x86
Ucdll| 4.0.7577.4484| 13,333,792| 25-Oct-2015| 07:15| x86
Ucmapiexe| 4.0.7577.4409| 648,344| 25-Sep-2013| 20:01| x86
Xceedzip.dll| 6.5.10316.0| 634,560| 16-May-2012| 18:39| x86

For all supported x64-based versions of Lync 2010File name File version File size Date Time Platform
Appshapi.dll 4.0.7577.4409 1,141,920 25-Sep-2013 20:01 x86
Appshcom.dll 4.0.7577.4409 282,272 25-Sep-2013 20:01 x86
Appshvw.dll 4.0.7577.4388 1,896,600 11-Apr-2013 21:27 x86
Autohelper 4.0.7577.253 38,672 31-Mar-2011 08:45 Not applicable
Communicatorexe 4.0.7577.4540 12,120,104 15-Aug-2017 20:48 x86
Crecplayerresexe 4.0.7577.4403 600,224 20-Jul-2013 01:04 x86
File_communicator.exe.manifest Not applicable 1,185 23-Mar-2013 03:08 Not applicable
File_cures.dll 4.0.7577.4456 686,376 28-Oct-2014 01:35 x86
File_meetingjoinaxoc 4.0.7577.4540 52,784 15-Aug-2017 20:46 Not applicable
File_meetingjoinaxoc64 4.0.7577.4540 295,472 15-Aug-2017 23:34 Not applicable
File_npmeetingjoinpluginoc.dll 4.0.7577.4540 33,336 15-Aug-2017 20:46 x86
File_ucaddin.dll 4.0.7577.4445 910,632 14-Apr-2014 21:09 x86
File_x64_ucaddin.dll 4.0.7577.4445 1,514,288 14-Apr-2014 22:16 x64
Ocpptview.dll 4.0.7577.4540 2,073,120 15-Aug-2017 20:46 x86
Ocpubmgrexe 4.0.7577.4403 2,371,744 20-Jul-2013 01:05 x86
Ocrecdll 4.0.7577.4403 791,704 20-Jul-2013 01:05 x86
Ogl.dll 4.0.7577.4540 1,712,152 15-Aug-2017 20:46 x86
Playback_annotationcontrols_dll 4.0.7577.4087 340,840 25-Mar-2012 02:42 x86
Playback_annotationtextmerge_dll 4.0.7577.4087 172,840 25-Mar-2012 02:42 x86
Playback_coreplaybackengine_dll 4.0.7577.4087 1,358,632 25-Mar-2012 02:40 x86
Playback_logging_dll 4.0.7577.4087 167,768 25-Mar-2012 02:42 x86
Playback_oc3playbackapplication_dll 4.0.7577.4087 163,632 25-Mar-2012 02:42 x86
Playback_uc_ui_utilities_dll 4.0.7577.4087 166,232 25-Mar-2012 02:42 x86
Psomdll 4.0.7577.4504 783,896 14-Jun-2016 07:34 x86
Rtmpltfm_dll 4.0.7577.4540 6,418,448 15-Aug-2017 20:46 x86
Saext.dll 4.0.7577.253 319,752 31-Mar-2011 08:43 x86
Sqmapidll 6.0.6000.16386 141,064 10-Feb-2011 11:28 x86
Uccp_dll 4.0.7577.4456 5,958,952 28-Oct-2014 01:38 x86
Ucdll 4.0.7577.4484 13,333,792 25-Oct-2015 07:15 x86
Ucmapi64exe 4.0.7577.4409 2,458,264 25-Sep-2013 21:08 x64
Ucmapiexe 4.0.7577.4409 648,344 25-Sep-2013 20:01 x86
Xceedzip.dll 6.5.10316.0 634,560 16-May-2012 18:39 x86

How to get help and support for this security update

Help for installing updates: Windows Update FAQSecurity solutions for IT professionals: Security Support and TroubleshootingHelp for protecting your Windows-based computer from viruses and malware: Microsoft SecureLocal support according to your country: International SupportPropose a feature or provide feedback on Skype: Skype User Voice portal

Related

openvas 20
mskb 25
nessus 13
symantec 3
zdi 1
prion 3
mscve 3
cve 3
kaspersky 3
talosblog 1
trendmicroblog 1
openvas
openvas
Microsoft Live Meeting 2007 Add-in Multiple Vulnerabilities (KB4025869)
2017-09-14 00:00:00
Microsoft Live Meeting 2007 Console Multiple Vulnerabilities (KB4025868)
2017-09-13 00:00:00
Microsoft Lync 2010 Multiple Vulnerabilities (KB4025865)
2017-09-13 00:00:00
mskb
mskb
Description of the security update for Office Live Meeting Console: September 12, 2017
2017-09-12 07:00:00
Description of the security update for Lync 2010 Attendee (admin level install): September 12, 2017
2017-09-12 07:00:00
Description of the security update for Skype for Business 2016: September 12, 2017
2017-09-12 07:00:00
nessus
nessus
Security Updates for Microsoft Skype for Business and Microsoft Lync and Microsoft Live Meeting (September 2017)
2017-09-12 00:00:00
Security Updates for Microsoft Office Viewers (September 2017)
2017-09-12 00:00:00
Security Updates for Microsoft Office Products (September 2017)
2017-09-12 00:00:00
symantec
symantec
Microsoft Windows Graphics Device Interface CVE-2017-8676 Local Information Disclosure Vulnerability
2017-09-12 00:00:00
Microsoft Windows Graphics Component CVE-2017-8695 Information Disclosure Vulnerability
2017-09-12 00:00:00
Microsoft Windows Graphics Component CVE-2017-8696 Remote Code Execution Vulnerability
2017-09-12 00:00:00
zdi
zdi
Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2017-09-12 00:00:00
prion
prion
Information disclosure
2017-09-13 01:29:00
Information disclosure
2017-09-13 01:29:00
Remote code execution
2017-09-13 01:29:00
mscve
mscve
Windows GDI+ Information Disclosure Vulnerability
2017-09-12 07:00:00
Windows Uniscribe Remote Code Execution Vulnerability
2017-09-12 07:00:00
Windows Uniscribe Information Disclosure Vulnerability
2017-09-12 07:00:00
cve
cve
CVE-2017-8676
2017-09-13 01:29:00
CVE-2017-8695
2017-09-13 01:29:00
CVE-2017-8696
2017-09-13 01:29:00
kaspersky
kaspersky
KLA11100 Multiple vulnerabilities in Microsoft Office
2017-09-12 00:00:00
KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)
2017-09-12 00:00:00
KLA11099 Multiple vulnerabilities in Microsoft Windows
2017-09-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2017
2017-09-12 15:41:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 11, 2017
2017-09-15 14:59:53

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.099 Low

EPSS

Percentile

94.7%

JSON
Related for KB4025865
openvas20mskb25nessus13symantec3zdi1prion3mscve3cve3kaspersky3talosblog1trendmicroblog1