Below are the security fixes for the SharePoint OnPrem versions released this month.
Important:
SharePoint Foundation security fixes also have to be applied on SharePoint Server installations.
SharePoint Server security fixes also have to be applied on Project Server installations.
SharePoint 2013 Suite:
- KB 5002336 – SharePoint Foundation 2013 (core component)
Microsoft Support recommends to install the complete January 2023 CU for SharePoint 2013 rather than individual security fixes
SharePoint Server 2016:
- KB 5002338 – SharePoint Server 2016 (language independent)
Microsoft Support recommends to install the complete January 2023 CU for SharePoint 2016 rather than individual security fixes
SharePoint Server 2019:
- KB 5002329 – SharePoint Server 2019 (language independent)
Microsoft Support recommends to install the complete January 2023 CU for SharePoint 2019 rather than individual security fixes
SharePoint Server Subscription Edition:
- KB 5002331 – SharePoint Server Subscription Edition (language independent)
Microsoft Support recommends to install the complete January 2023 CU for SharePoint Subscription Edition rather than individual security fixes
Office Online Server:
- None
More information:
Permalink
I’m confused – there’s no wss file?
Do we need one file, or two.
For instance:
If I have an on-prem SharePoint 2019 installation, do I need both
– sts2019-kb5002329-fullfile-x64-glb.exe
AND
– sts-subscription-kb5002331-fullfile-x64-glb.exe
Or just the subscription file?
Thanks,
Permalink
Hi Keith,
for SharePoint Server 2019 we released only a single fix for the language independent component with January 2023 CU.
The most recent language dependent fix is from December 2023.
See the linked CU article for details: https://blog.stefan-gossner.com/2023/01/10/january-2023-cu-for-sharepoint-server-2019-is-available-for-download/
The sts-subscription-kb5002331-fullfile-x64-glb.exe is not for SharePoint Server 2019 – it is for SharePoint Subcription Edition.
Cheers,
Stefan
Permalink
Thank you for the clarification.
So if I understand correctly:
I have not installed the December fixes (things were hectic and the User Profile issue scared me off). My SharePoint is only patched through the November releases.
So, now I should run the WSS file from December, and this latest STS file from January, correct?
I appreciate the quick responses!
Permalink
Hello,
After i upgrade to the latest version, I found that the block file type not only block file extensions, but also block the folder name. For exmple, the “dw” was appended in the block file list, then i create an folder named ‘aws’, it show me “The file you are attempting to save or retrieve has been blocked from this Web site by the server administrators.”
The question I want to ask is: Is this our real intention?
Hope your reply.
Thanks.
Permalink
Hi Addision,
this issue is planned to be fixed in the upcoming February 2023 CU.
Cheers,
Stefan