KLA10598
Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

1. Improper same-origin policy handling can be exploited remotely via a specially designed request;
2. Improper user session management can be exploited remotely via a specially designed web site.

Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2013 Cumulative Update 8

Update to the latest version