A security update has been released for Exchange 2013 to solve a discovered vulnerability which is currently not being publicly used to attack OWA users.
The exploitation risk for the vulnerability has been categorized as “Important”. The vulnerability requires the user to click on a link to a specially crafted website and could result in information disclosure via spoofing.
View: Microsoft Security Bulletin MS15-103 – Important
View: Download information for KB3062157 (MS15-103)
Download: Security Update For Exchange Server 2013 CU8 (KB3087126)
Download: Security Update For Exchange Server 2013 CU9 (KB3087126)