We are using Ex2013 CU12 for now, because we decided to skip CU13 (with its issues) and CU14 didn't deploy yet.
I have read the supported SW paragraph and I know that MS supports two product version into past, so that Ex2016 + Ex2013 and Ex2010 (Ex2007 which support ends in days).
But how is it with those interim updates/fixes? Does the 2 versions rule applies also for internal CU versioning or not?
1. we need to update our servers to CU and install newest patch because it can be installed only to SP1 or CU14
2. or our Ex2013 CU12 is not affected by this vulnerability?
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.