Below are the security fixes for the SharePoint OnPrem versions released this month.
Important:
SharePoint Foundation security fixes also have to be applied on SharePoint Server installations.
SharePoint Server security fixes also have to be applied on Project Server installations.
SharePoint 2013 Suite:
- KB 5002303 – SharePoint Foundation 2013 (core component)
- KB 5002235 – Word Automation Services for SharePoint 2013
- KB 5002261 – Office Web Apps Server 2013
Microsoft Support recommends to install the complete November 2022 CU for SharePoint 2013 rather than individual security fixes
SharePoint Server 2016:
- KB 5002305 – SharePoint Server 2016 (language independent)
- KB 5002289 – SharePoint Server 2016 (language dependent)
Microsoft Support recommends to install the complete November 2022 CU for SharePoint 2016 rather than individual security fixes
SharePoint Server 2019:
- KB 5002294 – SharePoint Server 2019 (language independent)
- KB 5002295 – SharePoint Server 2019 (language dependent)
Microsoft Support recommends to install the complete November 2022 CU for SharePoint 2019 rather than individual security fixes
SharePoint Server Subscription Edition:
- KB 5002296 – SharePoint Server Subscription Edition (language independent)
- KB 5002291 – SharePoint Server Subscription Edition (language dependent)
Microsoft Support recommends to install the complete November 2022 CU for SharePoint Subscription Edition rather than individual security fixes
Office Online Server:
- KB 5002276 – Office Online Server
More information:
Permalink
Hello Stefan,
please do you know if there is any security update for Workflow Manager to work with the patched Azure Fabric Service Host that had the severe vulnerability one or two months ago? It’s should be patched from 9.0 CU4. I tried to update to 9.1 but – unsurprisingly – it didn’t work and I rolled back to the unpatched version. I know it’s almost end of life but extended support ends in 10/2023 so I would have expected Microsoft still patches this. Thanks for any hint!
Permalink
Hi Martin,
I don’t have an answer to this question as Workflow Manager is not supported by my team.
Please open a support case with Microsoft to get this investigated.
Cheers,
Stefan
Permalink
We are trying to apply the patches and in the end when running the config wize getting the following on the 9th task
An exception of type Microsoft.SharePoint.PostSetupConfiguration.PostSetupConfigurationTaskException was thrown. Additional exception information:
Upgrade [SearchAdminDatabase Name=Cloud_Search_Service_Application] failed. (EventID:an59t)
Exception: There is already an object named ‘domain\xyz’ in the database.CREATE SCHEMA failed due to previous errors. (EventID:an59t)
Permalink
Hello Stefan,
In the October CU for Sharepoint 2016, the rights of the farm administrator disappeared. In November CU for Sharepoint 2013, the rights of the farm administrator disappeared. Haven’t installed the November 2016 update yet for Sharepoint 2016, maybe it will happen again. This is not a question, this is my observation. I see it showing up in other people too.
Permalink
Can the SharePoint 2016 security patches be installed without the cumulative update or do both CU and security patch have to be installed? Is there a dependency between the security patch and the CU? Or is there only a dependency between the CU and security patch, but not vice versa?