SharePoint security fixes released with August 2019 PU and offered through Microsoft Update

As I received some feedback that I should also add the Urls to the KB articles of the different security fixes I added this information to my blog post.

SharePoint 2010 Suite:

  • KB 4475575 – SharePoint Foundation 2010 (core component)
  • KB 4475530 – Word Automation Services for SharePoint 2010
  • KB 4475534 – Office Web Apps Server 2010

SharePoint 2013 Suite:

  • KB 4475565 – SharePoint Foundation 2013 (core component)
  • KB 4475557 – SharePoint Server 2013 (core component)
  • KB 4462137 – Word Automation Services for SharePoint 2013
  • KB 4462216 – Office Web Apps Server 2013

SharePoint 2016 Suite:

  • KB 4475549 – SharePoint Server 2016 (language independent)

SharePoint 2019 Suite:

  • KB 4475555 – SharePoint Server 2019 (language independent)

Office Online Server:

  • KB 4475528 – Office Online Server
See the Security Update Guide below for more details about the relevant fixes:

More information:

10 Comments


  1. Hi, I am having issue on SharePoint search not returning results for Read users. The green loading image keeps on turning and no results shown. Weirdly if i allow Edit permission to those users, they start to return results again.

    This seem to happen since we updated this patch. Does anyone else having this issue? The ULS Log shows “The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.” and nothing much other errors captured.

    Vers: SP2010 SP2

    Thanks

    Reply

    1. We are receiving the same error in our ULS logs. Search results for some of our users just “clocks” and never returns results. No browser side errors are being generated either.

      Will be opening a support case with Microsoft on this.

      Reply

    2. After some troubleshooting, it does seem that the issue lies with the Content Editor WebPart CEWP. After removing the CEWP from the Search Results page, the result page back in working condition.

      Hope the above workaround works for you if you did have the same issue.

      As baffled as i am, if i try to re-added a simple CEWP onto the page with some simple text, the error comes back. The above workaround is without the need for any content recrawl or settings change.

      Hope Microsoft can look into this issue. Thanks!

      Reply

      1. Hi Ng,
        be aware that Microsoft Support will only look into this if someone opens a support ticket.
        So if this is important for you, please open a support case to get this analyzed.
        Cheers,
        Stefan

        Reply

  2. Is this the same fix for XSS as from the July PU or is there a new XSS vulnerability?

    Reply

    1. Hi Bob, I’m not sure which of the above fixes you are talking about but you can always check the CVE associated with the KB to see which vulnerability it addresses.

      Reply

  3. Office Online Server June fix was 4475511 so our version is 16.0.10346.20001. August is 4462216 and we get ‘Does not apply’. ???

    Reply

  4. Hi, Do you know if there is a link with this update of Office Web Apps and the last version On Chrome ?
    We are blocke with Excel and PowerPoint when whe want ton change documents with OWA and Chrome last version… 🙁

    Reply

    1. Hi Jean-François,
      I’m not aware of such an issue. You should open a support case for this.
      Cheers,
      Stefan

      Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.