Fix-SeptemberCU-Permission-Problem.ps1
Alternatively you can also remove the NT Authority\system account from WSS_WPG and IIS_IUSRS local security groups of the SharePoint machines.
For more details check this article: Trending Issue: SharePoint fixes fail to install after installation of September 2025 CU
The product group released the April 2026 Cumulative Update for SharePoint Server 2016 product family.
This CU also includes Feature Pack 1 which was released with December 2016 CU and Feature Pack 2 which was released with September 2017 CU.
The KB articles for April 2026 CU should be available at the following locations in a couple of hours:
- KB 5002861 – April 2026 Update for SharePoint Server 2016 (language independent)
This is also a security update! - KB 5002862 – April 2026 Update for SharePoint Server 2016 (language dependent)
This is also a security update!
The downloads for April 2026 CU are available through the following links:
- Download April 2026 Update for SharePoint Server 2016 (language independent)
This is also a security update! - Download April 2026 Update for SharePoint Server 2016 (language dependent)
This is also a security update!
Important: It is required to install both fixes (language dependent and independent) to fully patch a SharePoint server. This applies also to servers which do not have language packs installed. The reason is that each SharePoint installation includes a language dependent component together with a language independent component. If additional language packs are added later (only) the language dependent fix has to be applied again.
It is irrelevant which language you pick on the drop down in download center. Even the language dependent fixes are all in the same package for all languages.
After installing the fixes you need to run the SharePoint 2016 Products Configuration Wizard on each machine in the farm. If you prefer to run the command line version psconfig.exe ensure to have a look here for the correct options.
SharePoint 2016 April 2026 CU Build Numbers:
Language independent fix: 16.0.5548.1002
Language dependent fix: 16.0.5548.1003
To understand the different version numbers please have a look at my article which explains the different SharePoint build numbers.
Please ensure to have a look at the SharePoint Patching Best Practices before applying new fixes.
Related Links:
- Technet: Updated Product Servicing Policy for SharePoint Server 2016
- Blog: SharePoint Patching Best Practices
- Blog: Common Question: What is the difference between a PU, a CU and a COD?
- Blog: SharePoint Patching demystified
- Blog: Why I prefer PSCONFIGUI.EXE over PSCONFIG.EXE
- Technet: Update Center for Microsoft Office, Office Servers, and Related Products
- Blog: SharePoint Server 2016 Patch Build Numbers Powershell Module
- Blog: SharePoint Server 2016 Zero-Downtime Patching Demystified
- Blog: SharePoint does not have a build version. Full Stop.
Permalink
Hello Stefan,
There are a few articles which claim that April 2026 release of SharePoint patch addresses 0 day vulnerability (spoofing). I am not pasting any link here.
However, these is no official documentation on Microsoft on this one.
Could you pleaseadvise.
Permalink
Hi Aditya,
sorry, I’m not in a position or allowed to comment on security related questions.
If you have any concerns, contact your Microsoft Account Manager.
Cheers,
Stefan
Permalink
Hi Stefan,
You’re listing build number 16.0.5548.1002 for both packages here whereas the KB articles list 16.0.5548.1003. Just wanted to make you aware of it so you can double-check and maybe update your blog post for consistency, in case the CU was updated in the meantime.
Best regards
Thomas
Permalink
Hi Thomas,
thanks a lot! I updated the version number in my blog post.
Cheers,
Stefan
Permalink
WTH…when I go to download the update it says download no longer available and I can’t find any updates. Not good, I had scheduled to run the upgrade tonight.
Permalink
Hi,
I just double checked and both downloads are available.
Cheers,
Stefan
Permalink
This patch seems to have broken our CAML queries. Our code up until now (for over 10 years) used (replace [] with <>):
[Eq]
[FieldRef Name=’Locked’/]
[Value Type=’bool’]false[/Value]
[/Eq]
However after the application of the April 2026 patches (KB5002850/KB5002851) to our SharePoint 2016 the above stopped working and needed to change it to this to get it working again:
[Eq]
[FieldRef Name=’Locked’/]
[Value Type=’Boolean’]0[/Value]
[/Eq]
Curious to know why Microsoft broke (or perhaps fixed) this when it only has a few more months of life left.
Permalink
Hi Piers,
which CU did you upgrade from?
I checked the changes and none of the fixes checked in to April CU modified anything in an area that could affect this.
So my guess is that you might have upgraded from an older CU and the change came in in an earlier month.
Cheers,
Stefan
Permalink
We went from KB5002850/KB500051 (March patches) to KB5002861/K5002862 (April patches)
Permalink
We went from KB5002850/KB5002851 (March patches) to KB5002861/K5002862 (April patches)
Permalink
Hi Stefan,
We updated to April 2026 CU but are being told our SWORD.DLL version should be 16.0.5548.1003 instead of 16.0.5548.1000. Did this CU have any updates for Word Automation Services and should the revision/patch numbers match? Would this depend on WAS being installed in the farm?
Thanks so much,
Jen
Permalink
Hi Jennifer,
I just double checked: the SWORD.DLL shipped with April 2026 CU for SP2016 is 16.0.5548.1000
That means you have the correct version installed.
Cheers,
Stefan
Permalink
Thank you so much! Somebody needs to tell CrowdStrike 😛