SharePoint security fixes released with January 2025 PU and offered through Microsoft Update

Below are the security fixes for the SharePoint OnPrem versions released this month.

SharePoint Server 2016:

  • KB 5002672 – SharePoint Server 2016 (language independent)
  • KB 5002671 – SharePoint Server 2016 (language dependent)

Microsoft Support recommends installing the complete January 2025 CU for SharePoint 2016 rather than individual security fixes.

SharePoint Server 2019:

  • KB 5002666 – SharePoint Server 2019 (language independent)
  • KB 5002667 – SharePoint Server 2019 (language dependent)

Microsoft Support recommends installing the complete January 2025 CU for SharePoint 2019 rather than individual security fixes.

SharePoint Server Subscription Edition:

  • KB 5002676 – SharePoint Server Subscription Edition

This security fix is identical to the January 2025 CU for SharePoint Server Subscription Edition.

Office Online Server:

  • KB 5002677 – Office Online Server

Please review the SharePoint Patching Best Practices before applying new fixes.

 


Security Vulnerabilities fixed in this PU

Vulnerability SP 2016 SP 2019 SP SE OOS Impact Max Severity
CVE-2025-21344 x x x Remote Code Execution Important
CVE-2025-21348 x x x Remote Code Execution Important
CVE-2025-21354 x Remote Code Execution Critical
CVE-2025-21362 x Remote Code Execution Critical
CVE-2025-21393 x x x Spoofing Important

See the Security Update Guide below for more details about the relevant fixes:

2 Comments


  1. Are CUs still intended to be downloaded and installed manually as opposed to through WSUS/SCCM? On one of our SP2019 farms I’m seeing this in Windows Update: “Security Update for Microsoft SharePoint Server 2019 Core (KB5002666) farm-deployment. Status: Pending Install”


  2. Nintex site workflows are affected
    Errored with:
    …workflow has ended unexpectedly.
    Workflow was canceled by System Account.

    Any solution?
