For more details check this article: Trending Issue: SharePoint fixes fail to install after installation of September 2025 CU
The product group released the March 2026 Cumulative Update for SharePoint Server 2016 product family.
This CU also includes Feature Pack 1 which was released with December 2016 CU and Feature Pack 2 which was released with September 2017 CU.
The KB articles for March 2026 CU should be available at the following locations in a couple of hours:
- KB 5002850 – March 2026 Update for SharePoint Server 2016 (language independent)
This is also a security update! - KB 5002851 – March 2026 Update for SharePoint Server 2016 (language dependent)
This is also a security update!
The downloads for March 2026 CU are available through the following links:
- Download March 2026 Update for SharePoint Server 2016 (language independent)
This is also a security update! - Download March 2026 Update for SharePoint Server 2016 (language dependent)
This is also a security update!
Important: It is required to install both fixes (language dependent and independent) to fully patch a SharePoint server. This applies also to servers which do not have language packs installed. The reason is that each SharePoint installation includes a language dependent component together with a language independent component. If additional language packs are added later (only) the language dependent fix has to be applied again.
It is irrelevant which language you pick on the drop down in download center. Even the language dependent fixes are all in the same package for all languages.
After installing the fixes you need to run the SharePoint 2016 Products Configuration Wizard on each machine in the farm. If you prefer to run the command line version psconfig.exe ensure to have a look here for the correct options.
SharePoint 2016 March 2026 CU Build Numbers:
Language independent fix: 16.0.5543.1000
Language dependent fix: 16.0.5543.1000
To understand the different version numbers please have a look at my article which explains the different SharePoint build numbers.
Please ensure to have a look at the SharePoint Patching Best Practices before applying new fixes.
Related Links:
- Technet: Updated Product Servicing Policy for SharePoint Server 2016
- Blog: SharePoint Patching Best Practices
- Blog: Common Question: What is the difference between a PU, a CU and a COD?
- Blog: SharePoint Patching demystified
- Blog: Why I prefer PSCONFIGUI.EXE over PSCONFIG.EXE
- Technet: Update Center for Microsoft Office, Office Servers, and Related Products
- Blog: SharePoint Server 2016 Patch Build Numbers Powershell Module
- Blog: SharePoint Server 2016 Zero-Downtime Patching Demystified
- Blog: SharePoint does not have a build version. Full Stop.
Permalink
Should we treat this CU as a Critical one or as a High? There is a difference between MS (critical) and CVE (high)
Permalink
Hi Szymon,
I’m not an expert here. I usually go for the Max Severity which is Critical for this CVE
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26113
Cheers,
Stefan
Permalink
It says If you’re currently running the Classic version of Workflow Manager, you have to enable the debug flag in order to continue using it.:
Does this mean we can stay on workflow manager 1.0 (or I assume this means the classic) and not upgrade the workflow manager?
Permalink
Hi Jeff,
only till July 14th, 2026.
Afterwards Classic Workflow Manager will go out of support and will also no longer be supported by SharePoint.
See here for details:
https://learn.microsoft.com/en-us/lifecycle/products/microsoft-workflow-manager-10
Cheers,
Stefan