Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB3185883
HistorySep 13, 2016 - 12:00 a.m.

MS16-108: Security update for Exchange Server: September 13, 2016

2016-09-1300:00:00
Microsoft
support.microsoft.com
74

EPSS

0.024

Percentile

90.2%

JSON

<html><body><p>Resolves vulnerabilities in Exchange Server in which the most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In Libraries that are built into Exchange Server. This issue might occur if an attacker sends an email message with a specially crafted attachment to a vulnerable Exchange Server server.</p><h2>Summary</h2><div>This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In Libraries that are built into Exchange Server. This issue might occur if an attacker sends an email message with a specially crafted attachment to a vulnerable Exchange Server computer. To learn more about this vulnerability, see <a href=“https://technet.microsoft.com/library/security/ms16-108” target=“_self”>Microsoft Security Bulletin MS16-108</a>. <span></span></div><h2></h2><div><h3>More information about this security update</h3>The following articles contain more information about this security update as it relates to individual product versions.<br /><ul><li><a href=“https://support.microsoft.com/en-us/help/3184736”>3184736 </a> MS16-108: Description of the security update for Exchange Server 2016 and Exchange Server 2013: September 13, 2016</li><li><a href=“https://support.microsoft.com/en-us/help/3184728”>3184728 </a> MS16-108: Update Rollup 15 for Exchange Server 2010 Service Pack 3: September 13, 2016</li><li><a href=“https://support.microsoft.com/en-us/help/3184711”>3184711 </a> MS16-108: Update Rollup 21 for Exchange Server 2007 Service Pack 3: September 13, 2016</li></ul></div><h2></h2><div><div><div><div><span><span></span></span><span><span>Security update deployment information</span></span></div><div><span><div><h4>Microsoft Exchange Server 2007</h4><div><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Inclusion in future service packs</span></td><td>The update for this issue will be included in a future service pack or update rollup</td></tr><tr><td><span>Security update file name</span></td><td>For Microsoft Exchange Server 2007 Service Pack 3 :<br /><span>Exchange2007-KB3184711-x64-EN.msp</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system. </td></tr><tr><td><span>Update log file</span></td><td>KB3184711.log</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in Control Panel. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3184711” target=“_self”>Microsoft Knowledge Base Article 3184711</a></td></tr><tr><td><span>Registry key verification</span></td><td>For Microsoft Exchange Server 2007 Service Pack 3: <br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2007\SP2\KB3184711</td></tr></table></div><h4>Microsoft Exchange Server 2010</h4><div><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Inclusion in future service packs</span></td><td>The update for this issue will be included in a future service pack or update rollup</td></tr><tr><td><span>Security update file name</span></td><td>For Microsoft Exchange Server 2010 Service Pack 3:<br /><span>Exchange2010-K3184728B-x64-en.msp</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system. </td></tr><tr><td><span>Update log file</span></td><td>K3184728B.log</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in Control Panel. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3184728” target=“_self”>Microsoft Knowledge Base Article 3184728</a></td></tr><tr><td><span>Registry key verification</span></td><td>For Microsoft Exchange Server 2010 Service Pack 3:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2010\SP3\KB3184728B</td></tr></table></div><h4>Microsoft Exchange Server 2013</h4><div><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Inclusion in future service packs</span></td><td>The update for this issue will be included in a future service pack or update rollup</td></tr><tr><td><span>Security update file name</span></td><td>For Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2013 Cumulative Update 12, and Microsoft Exchange Server 2013 Cumulative Update 13:<br /><span>Exchange2013-KB3184736-x64-en.msp</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system. </td></tr><tr><td><span>Update log file</span></td><td>KB3184736.log</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in Control Panel. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3184736” target=“_self”>Microsoft Knowledge Base Article 3184736</a></td></tr><tr><td><span>Registry key verification</span></td><td>For supported editions of Microsoft Exchange Server 2013:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2013\KB3184736</td></tr></table></div><h4>Microsoft Exchange Server 2016</h4><div><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Inclusion in future service packs</span></td><td>The update for this issue will be included in a future service pack or update rollup</td></tr><tr><td><span>Security update file name</span></td><td>For Microsoft Exchange Server 2016 Cumulative Update 1, and Microsoft Exchange Server 2016 Cumulative Update 2:<br /><span>Exchange2016-KB3184736-x64-en.msp</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a system restart. If the required files are being used, this update will require a system restart. If this behavior occurs, you receive a message that advises you to restart your system. </td></tr><tr><td><span>Update log file</span></td><td>KB3184736.log</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in Control Panel. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3184736” target=“_self”>Microsoft Knowledge Base Article 3184736</a></td></tr><tr><td><span>Registry key verification</span></td><td>For supported editions of Microsoft Exchange Server 2016:<br />HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Exchange 2016\KB3184736</td></tr></table></div><h3>How to get help and support for this security update</h3><div>Help for installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“https://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help for protecting your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/” target=“_self”>International Support</a></div></div></div></div></div></div></span></div></div></div></div><h2>References</h2><div><span>Third-party information disclaimer</span><div>The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.</div></div></body></html>

Related

openvas 2
mskb 3
kaspersky 1
prion 3
cvelist 3
nvd 3
symantec 3
mscve 3
cve 3
packetstorm 1
nessus 1
openvas
openvas
Microsoft Exchange Server Multiple Vulnerabilities (3185883)
2016-09-14 00:00:00
Microsoft Exchange Server Information Disclosure Vulnerabilities (3185883)
2016-09-14 00:00:00
mskb
mskb
MS16-108: Description of the security update for Exchange Server 2016 and 2013: September 13, 2016
2016-09-13 07:00:00
MS16-108: Update Rollup 21 for Exchange Server 2007 Service Pack 3: September 13, 2016
2016-09-13 07:00:00
MS16-108: Update Rollup 15 for Exchange Server 2010 Service Pack 3: September 13, 2016
2016-09-13 07:00:00
kaspersky
kaspersky
KLA10873 Multiple vulnerabilities in Microsoft Exchange Server
2016-09-13 00:00:00
prion
prion
Cross site scripting
2016-09-14 10:59:00
Open redirect
2016-09-14 10:59:00
Information disclosure
2016-09-14 10:59:00
cvelist
cvelist
CVE-2016-3379
2016-09-14 10:00:00
CVE-2016-3378
2016-09-14 10:00:00
CVE-2016-0138
2016-09-14 10:00:00
nvd
nvd
CVE-2016-3379
2016-09-14 10:59:53
CVE-2016-3378
2016-09-14 10:59:52
CVE-2016-0138
2016-09-14 10:59:02
symantec
symantec
Microsoft Exchange Server CVE-2016-3379 Cross Site Scripting Vulnerability
2016-09-13 00:00:00
Microsoft Exchange Server CVE-2016-3378 Open Redirection Vulnerability
2016-09-13 00:00:00
Microsoft Exchange Server CVE-2016-0138 Information Disclosure Vulnerability
2016-09-13 00:00:00
mscve
mscve
Microsoft Exchange Elevation of Privilege Vulnerability
2016-09-13 07:00:00
Microsoft Exchange Open Redirect Vulnerability
2016-09-13 07:00:00
Microsoft Outlook Information Disclosure Vulnerability
2016-09-13 07:00:00
cve
cve
CVE-2016-3379
2016-09-14 10:59:53
CVE-2016-3378
2016-09-14 10:59:52
CVE-2016-0138
2016-09-14 10:59:02
packetstorm
packetstorm
Microsoft Exchange Open Redirect
2018-03-28 00:00:00
nessus
nessus
MS16-108: Security Update for Microsoft Exchange Server (3185883)
2016-09-13 00:00:00

EPSS

0.024

Percentile

90.2%

JSON
Related for KB3185883
openvas2mskb3kaspersky1prion3cvelist3nvd3symantec3mscve3cve3packetstorm1nessus1