Microsoft has just released version 2 of the latest Exchange 2010 SP1 and SP2 rollups. At this moment you can’t find a lot of information about it. The only reference which can be found on the dowload pages of both rollups is a reference to security bulletin MS12-058. In this security bulletin an issue is described about a vulnerability in the Web Ready Document Viewing functionality of Exchange 2010 in the Oracle Outside In Libraries

The updates can be downloaded via the links below:

Exchange 2010 SP1 Rollup 7 v2:

Exchange 2010 SP2 Rollup 4 v2:

More information about the vulnerability can be found on the page below:

Security Bulletin MS12-058:

Update: this updates rollup has been released because of the expiration of the signatures which are used to sign the code. The advice is to install the v2 of the rollup despite it was already a part of the v1 of this update.


Johan Veldhuis