Update Rollup 18 for Exchange 2010 Service Pack 3 is now available for direct download. It contains 1 documented new security and all previously released fixes and security updates for Exchange 2010 SP3. Note that mainstream support for Exchange 2010 has already ended.
This security update resolves the vulnerabilities mentioned in CVE-2017-8621, CVE-2017-8559 and CVE-2017-8560. These vulnerabilities works via Outlook Web Access (OWA) and could allow elevation of privilege or spoofing in Microsoft Exchange Server if an attacker sends an email that has a specially crafted attachment to a vulnerable Exchange server.