Feb 2021 Skype for Business Server 2015, 2019 and Lync Server 2013 Denial of Service Security Patch

Thought this was worth a post to get the word out. There is an important update for Skype for Business Server 2015, 2019 and Lync Server 2013 to protect against

CVE-2021-24099, Skype for Business and Lync Denial of Service Vulnerability

The exploit was privately disclosed to Microsoft by Markus Wulftange of Code White GmbH and has not yet been seen in the wild. If exploited, it can cause a total loss of server availability for users.

You can grab the patch here:

Description of the security update for Skype for Business Server and Lync Server: February 9, 2021 (KB5000675) (microsoft.com)

 

Thanks, Tobie Fysh for flagging this one.

Happy patching!