Microsoft released two critical patches on 9/13/16 that address serious vulnerabilities in Exchange and SharePoint. Both can potentially allow remote control of the server. Of the two, the Exchange patch is more critical because a malformed attachment can compromise the server without a user opening the attachment.
Here are the links to the patches:
- Exchange Patch https://technet.microsoft.com/en-us/library/security/ms16-108.aspx
- SharePoint Patch https://technet.microsoft.com/en-us/library/security/ms16-107.aspx
Patching the servers is tricky because it depends on the version of Exchange and SharePoint, the Service Pack Level, and possibly the Cumulative Update of the Service Pack. We're currently in the process of patching all of our clients. If you need help patching your servers, please email info@adscon.com or call (310)541-8585 x 100.