This post has been republished via RSS; it originally appeared at: Microsoft Security Bulletins.
Severity Rating: CriticalRevision Note: V1.0 (September 13, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In libraries that are built into Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.