Vulnerability in Microsoft Lync

CVE-2018-8546

A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

EPSS: 0.135 (94.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Lync — versions 2013 Service Pack 1 (32-bit), 2013 Service Pack 1 (64-bit), Basic 2013 Service Pack 1 (32-bit)
Microsoft Office — versions 2019 for 32-bit editions, 2019 for 64-bit editions
Microsoft Office — versions 365 ProPlus for 32-bit Systems, 365 ProPlus for 64-bit Systems
Microsoft Skype — versions Business 2016 (32-bit), Business 2016 (64-bit), Business 2016 Basic (32-bit)

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8546 (x_refsource_CONFIRM)
105802 (vdb-entry, x_refsource_BID)
1042125 (vdb-entry, x_refsource_SECTRACK)