June 2020 CU for SharePoint Server 2016 is available for download

The product group released the June 2020 Cumulative Update for SharePoint Server 2016 product family.

This CU also includes Feature Pack 1 which was released with December 2016 CU and Feature Pack 2 which was released with September 2017 CU.

The KB articles for June 2020 CU are available here:

  • KB 4484402 – June 2020 Update for SharePoint Server 2016 (language independent) – This is also a security update!
  • KB 4484344 – June 2020 Update for SharePoint Server 2016 (language dependent)

The download for June 2020 CU is available here:

Important: It is required to install both fixes (language dependent and independent) to fully patch a SharePoint server. This applies also to servers which do not have language packs installed. The reason is that each SharePoint installation includes a language dependent component together with a language independent component. If additional language packs are added later (only) the language dependent fix has to be applied again.

It is irrelevant which language you pick on the drop down in download center. Even the language dependent fixes are all in the same package for all languages.

After installing the fixes you need to run the SharePoint 2016 Products Configuration Wizard on each machine in the farm. If you prefer to run the command line version psconfig.exe ensure to have a look here for the correct options.

SharePoint 2016 June 2020 CU Build Numbers:

Language independent fix: 16.0.5017.1001
Language dependent fix: 16.0.5017.1001

To understand the different version numbers please have a look at my article which explains the different SharePoint build numbers.

Please ensure to have a look at the SharePoint Patching Best Practices before applying new fixes.

Related Links:

23 Comments


  1. Hi Stefan, I have SP2016 Farm without any language packs installed.
    Do I have to install both patches of KB 4484402 (Language dependent and independent), if yes then may i know sequence ?
    Thanks – Jay

    Reply

    1. Hi Jay,

      as I wrote in the article above:


      Important: It is required to install both fixes (language dependent and independent) to fully patch a SharePoint server. This applies also to servers which do not have language packs installed. The reason is that each SharePoint installation includes a language dependent component together with a language independent component. If additional language packs are added later (only) the language dependent fix has to be applied again.

      Sequence does not matter.

      Cheers,
      Stefan

      Reply

      1. Hi Stefan Thanks forgetting back to me. I got my answer.

        I have 16.0.4327.1000 -SharePoint Server 2016 RC version. can I directly run the above updates ?

        Thanks – Jay

        Reply

        1. Hi Jay,

          RC is unsupported and upgrading from RC to a later build is also unsupported.
          Are you sure you installed an RC build – or is that the version number you see a database schema version?
          Because the database schema version is not the build version.

          Cheers,
          Stefan

          Reply

          1. Yes.. It does show me after i run PS command.

            Get-SPFarm | select BuildVersion
            16.0.4327.1000

            Am i right ?


  2. Thanks Stefan,

    I just found out that we have RTM 16.0.4351.1000
    it’s bug in SharePoint 2016 that it still shows in RC version even if you have installed RTM.

    Thanks
    Jay

    Reply

  3. Hi Stefan,

    I have done some analysis on the vulnerability ‘CVE-2020-1181’ which is part of this SP 2016 June 2020 Public update. As per Microsoft, this vulnerability is identified by them as ‘2 – Exploitation less likely’ but per the below blog, they say it looks like Microsoft have wrongly classified this as ‘2 – Exploitation Less Likely’ Instead of ‘1 – Exploitation More Likely’.

    https://www.thezdi.com/blog/2020/6/16/cve-2020-1181-sharepoint-remote-code-execution-through-web-parts?utm_medium=email&_hsmi=89775636&_hsenc=p2ANqtz-8vwJIrk8twTL_FCxy7xH8dATmjyXon0Ei3LV87ocp_u3c7G0yH3iEURKt8agSsJITScjNDG8tgFONWl140EMieMCXOcFmp-dkqWhzJrjlsizP8g-g&utm_content=89775636&utm_source=hs_email

    Do you know if Microsoft going to update the classification of this vulnerability ‘CVE-2020-1181’ and provide more information this?

    Thanks,
    Anil

    Reply

    1. Hi Anil,

      sorry I cannot comment on any security aspects here on my blog.
      If you have concerns about this, please open a support case to ensure that you get an official answer through the right channels.

      Thanks,
      Stefan

      Reply

  4. Thanks for your response. I will check with MS Support on this

    Reply

  5. We have probably discovered a small bug with Search after applying the June 2020 patches on SP2016. When you do a search inquiry the results are displayed properly but when you click on the arrow under (not in) the search box (Results found in …) and select “Everything” the link is not working. the result is the well known error page displaying. I wonder if other customers have the same issue. Otherwise I will open a case with MS.

    Reply

    1. Hi Roger,

      from what I see this has not been reported so far.

      Cheers,
      Stefan

      Reply

    2. Did you ever find a solution for the search issue you were having with the “results found in” and everything drop down? We are having the same issue after applying the May 2020 CU (ver: 16.0.5005.1000).

      Reply

  6. psconfigui.exe is failing with:
    Failed to secure the SharePoint resources.

    This is a critical task. You have to fix the failures before you can continue.

    An exception of type System.UnauthorizedAccessException was thrown. Additional exception information: Attempted to perform an unauthorized operation.

    and when I try to run psconfig.exe with the -cmd securesources I get an error saying securesources is not a valid command:
    PS C:\Windows\system32> psconfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd securesources -cmd services -install
    SharePoint Products Configuration Wizard version 16.0.4849.1000. Copyright (C) Microsoft Corporation 2016. All rights reserved.

    The securesources command is invalid.

    Usage:
    PSCONFIG.EXE -cmd [Parameters]
    PSCONFIG.EXE -help [Command]
    PSCONFIG.EXE -?
    Commands:
    configdb
    helpcollections
    secureresources
    services
    installfeatures
    adminvs
    upgrade
    applicationcontent
    quiet

    I can’t find much information on securesources, what is it, why is it making my upgrade config fail?

    Reply

    1. Hi Michael,

      seems you mistyped “secureresources”. In the info you wrote “securesources”. “re” is missing”

      Cheers,
      Stefan

      Reply

      1. Hi Stefan,

        you are correct, I did mistype in my message, but I’m still getting the message when running the Wizard:
        Failed to secure the SharePoint resources.
        An exception of type System.UnauthorizedAccessException was thrown. Additional exception information: Attempted to perform an unauthorized operation.
        System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

        from what I can find, it appears the account running the script needs read/write access to the location and host file. we removed those permissions back in May of 2018 and the wizard has been running fine since. I did grant read/write access to the location and the host file and I’m still not able to get a clean run.

        any other thoughts?

        Reply

        1. Hi Michael,
          in this case I would suggest to open a support ticket with Microsoft to get this analyzed in more detail.
          Cheers,
          Stefan

          Reply

  7. Hi,

    I have an issue with the download function from our SharePoint application when running Edge or Chrome. It works though in IE.
    Is there any update that fixws this issue?
    Regards,
    Claudio

    Reply

    1. Hi Claudio,
      I’m not sure what issue you mean. I’m able to download documents in different browsers.
      If you have an issue I would recommend to open a support ticket with Microsoft to get it analyzed.
      Cheers,
      Stefan

      Reply

  8. Hi Stefan,

    I tried to install the KB 4484402 in our server farm. I was able to successfully install the SharePoint update on the front end server. But each time when i try to update the App server it throws me an error “The installation for this package failed.”. Then I checked the logs I noticed at the end I see an error with “Product: Microsoft SharePoint Foundation 2016 Core – Update ‘Security Update for Microsoft SharePoint Enterprise Server 2016 (KB4484402) 64-Bit Edition’ could not be installed. Error code 1603. Additional information is available in the log file C:\Users\KANISH~1.JAY\AppData\Local\Temp\sts-x-none_MSPLOG.LOG.” . Is this a common issue? Any suggestions to fix it.

    Thank you,
    Kanishka

    Reply

    1. Hi Kanishka,
      this is not a common error.
      Please check the log mentioned in the error to see what went wrong.
      If you need assistance to resolve this please contact Microsoft Support.
      Cheers,
      Stefan

      Reply

Leave a Reply to Kanishka Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.