Microsoft a publié une mise à jour de sécurité pour Skype for Business 2016
Date: 10 juillet 2018
Bulletin de sécurité CVE-2018-8238 | Skype for Business and Lync Security Feature Bypass Vulnerability: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238
Bulletin de sécurité CVE-2018-8311 | Remote Code Execution Vulnerability in Skype For Business and Lync: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8311
Description:
This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2018-8238 and Microsoft Common Vulnerabilities and Exposures CVE-2018-8311.
Fixes:
This security update contains the following improvements and fixes:
- Rate My Call privacy statement incorrectly redirects to Lync 2010 privacy statement
- You're prompted for Exchange credentials after switching network in a Skype for Business hybrid environment
- Right-to-left languages not aligned correctly and call notification strings shown in the wrong direction in Skype for Business 2016
- Japanese characters in a Skype for Business 2016 online meeting are garbled and can't be read correctly
- Can't input messages until clicking participants list after taking control in screen sharing in Skype for Business 2016
- Letters such as "y" and "g" aren't shown fully in minimum IM text window in Skype for Business 2016
