Microsoft Exchange CVE-2016-3379 Elevation of Privilege Vulnerability

description-logoDescription

An elevation of privilege vulnerability exists in the way that Microsoft Outlook handles meeting invitation requests. To exploit the vulnerability, an attacker could send a specially crafted Outlook meeting invitation request with malicious cross-site scripting (XSS) capability to a user. The update addresses the vulnerability by correcting how Outlook handles meeting invitation requests.

affected-products-logoAffected Applications

Microsoft Exchange Server 2016 Cumulative Update 1
Microsoft Exchange Server 2016 Cumulative Update 2

CVE References

CVE-2016-3379