(MS14-055) Vulnerabilities in Microsoft Lync Server Could Allow Denial of Service (2990928)

  Severity: HIGH
  CVE Identifier: CVE-2014-4068,CVE-2014-4070,CVE-2014-4071
  Advisory Date: OCT 30, 2014

  DESCRIPTION

This update resolves three vulnerabilities found in Microsoft Lync Server. When successfully exploited, two of the three vulnerabilities could lead to denial of service while one could lead to information disclosure.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Lync Server 2010
  • Microsoft Lync Server 2013