An information disclosure vulnerability exists in Lync 2013. An attacker who exploited it could read arbitrary files on the victim's machine. To exploit the vulnerability, an attacker needs to instantiate a conference and modify the meeting link with malicious content and send the link to a victim. The update addresses the vulnerability by changing how the URL is being resolved.