As I received some feedback that I should also add the Urls to the KB articles of the different security fixes I added this information to my blog post.
SharePoint 2010 Suite:
- KB 4484383 – SharePoint Server 2010 (core component)
SharePoint 2013 Suite:
- KB 4484364 – SharePoint Foundation 2013 (core component)
- KB 4484352 – SharePoint Server 2013 (core component)
SharePoint 2016 Suite:
- KB 4484336 – SharePoint Server 2016 (language independent)
SharePoint 2019 Suite:
- KB 4484332 – SharePoint Server 2019 (language independent)
Office Online Server:
- none
See the Security Update Guide below for more details about the relevant fixes:
More information:
Please ensure to have a look at the SharePoint Patching Best Practices before applying new fixes.
Permalink
Hi Stefan,
We are using SharePoint 2016 and usually do not include SharePoint patch in windows update. However my team accidentally installed April sts and March wssloc.on SharePoint servers with Window update.
Database and farm require upgrade.
In this situation, here are my questions hoping that you can advice me one option.
1. Do I need to run psoconfig now?
2. April has wssloc. Do I need to install April wssloc then run psconfig?
2. My ultimate goal is to install May sts. Can I install May sts and April wssloc then run psconfig?
Permalink
Hi Yuseon,
on your questions:
1) yes
2) yes that is recommended otherwise you have a mix in patch level which is not recommended
3) yes – that would ensure that your SharePoint farm is on the latest patch level for both components.
Cheers,
Stefan
Permalink
Hi Stefan,
If one opts for the option 3, is there a “time limit” for applying May CU? Or for example, if he decides to wait another month so he can apply June CU instead, what would be the harm for leaving the system the way it is now? I’ve seen a case where this was done by mistake on SP2010 years ago (bits installed but psconfig not ran for weeks, that is) but didn’t notice any harm.
Samson
Permalink
Malicious users might reverse engineer the security fixes included in the patches and might find ways to exploit these fixed issues. Unpatched servers would then be vulnerable.
Permalink
Thanks Stefan!
It means that I do not need to do Option 1 and Option 2 sequentially.
If I choose Option 2, only I need to do is Option 2 on the current servers where April sts and March wssloc installed and database needs to be upgraded, correct?
Permalink
What if there are no security fixes in CU? Will that make any differences?
Permalink
Hi Stefan!
I have a question for you….
we patch SharePoint every month, for business reasons, in April we did not pass the SharePoint hotfixes. Next week we will perform the SharePoint update by installing the May patches (which you described in this post) and the April patches. Except that in WSUS I no longer have these April patches listed. I show you the missing pathc and if you can help me:
KB4484321
KB4011584
KB4484308
KB4011581
KB4484307
KB4484322
KB4462153
quewste are all KB not installed in April, do you think I can not install them and I have to download them manually because they are useful for SharePoint and for the continuation of the patching activities?
Thank you very much!!
Permalink
Hi Roberto,
if the patches have not been installed before you can download and install them manually, of course.
Cheers,
Stefan
Permalink
Thank you Stefan,
but i dont know if its normal that in our WSUS this Hotfix is not present 🙁
Do you think these April patches are necessary or not?
Permalink
Hi Roberto,
yes – these are all security fixes which we recommend to install.
Cheers,
Stefan
Permalink
Thank you!
Have a nice evening!