Check: 2015-A-0279
Windows 2012 IAVM:
2015-A-0279
(in version v1 r30)
Title
Microsoft Skype for Business and Microsoft Lync Information Disclosure Vulnerability (MS15-123) (Cat I impact)
Discussion
Microsoft has released a security bulletin addressing a vulnerability in the Microsoft in Skype for Business and Microsoft Lync. To exploit this vulnerability, an attacker would invite an affected user to an instant message session and then would send that user a message containing specially crafted JavaScript content. If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code in the Skype for Business or Lync context.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-62913
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |