Due to the MS13-105 security bulletin, all currently supported versions of Exchange got a Security Update or a Rollup Update. The only change in each update is the inclusion of the security updates identified in MS13-105.
This security update resolves three publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft Exchange Server. The most severe of these vulnerabilities exist in the WebReady Document Viewing and Data Loss Prevention features of Microsoft Exchange Server.
These vulnerabilities could allow remote code execution in the security context of the LocalService account if an attacker sends an email message containing a specially crafted file to a user on an affected Exchange server. The LocalService account has minimum privileges on the local system and presents anonymous credentials on the network.
View: MS13-105 security bulletin
View: Exchange Team Blog Post about these updates
Download: Update Rollup 12 for Exchange Server 2007 Service Pack 3 (KB2903911)
Download: Update Rollup 8 for Exchange Server 2010 Service Pack 2 (KB2903903)
Download: Update Rollup 4 For Exchange 2010 SP3 (KB2905616)
Download: Security Update For Exchange Server 2013 CU2 (KB2880833)
Download: Security Update For Exchange Server 2013 CU3 (KB2880833)
