MS16-010: Security update in Microsoft Exchange Server to address spoofing: January 12, 2016

This security resolves a in that could allow information disclosure if Web Access () doesn’t handle web requests, sanitize user input and email content correctly.

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-010.

Download:
Microsoft Exchange Server 2013 Service Pack 1 (3124557)

Microsoft Exchange Server 2013 Cumulative Update 10 (3124557)

Microsoft Exchange Server 2013 Cumulative Update 11 (3124557)

Microsoft Exchange Server 2016 (3124557)