(MS14-055) Vulnerabilities in Microsoft Lync Server Could Allow Denial of Service (2990928)

• Email
• Facebook
• Twitter
• Google+
• Linkedin

  Severity: HIGH

  CVE Identifier: CVE-2014-4068,CVE-2014-4070,CVE-2014-4071

  Advisory Date: OCT 30, 2014

---

  DESCRIPTION

This update resolves three vulnerabilities found in Microsoft Lync Server. When successfully exploited, two of the three vulnerabilities could lead to denial of service while one could lead to information disclosure.

  SOLUTION

  PATCH: https://technet.microsoft.com/en-us/library/security/ms14-055.aspx

  AFFECTED SOFTWARE AND VERSION

• Microsoft Lync Server 2010
• Microsoft Lync Server 2013

Related Vulnerability

• September 2014 - Microsoft Releases 4 Security Advisories