Not a user yet?
Log in Register for free Suggest a product
Update

KB5002771: Adds a warning when deleting a Cloud Search Service Application (Cloud SSA)

SharePoint Server 2016SharePoint Server 2016
Microsoft
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

Description of the security update for SharePoint Server 2016: August 12, 2025 (KB5002771)

Summary
This security update resolves a Microsoft SharePoint remote code execution vulnerability, Microsoft SharePoint elevation of privilege vulnerability, Microsoft Word remote code execution vulnerability, and Microsoft Word information disclosure vulnerability. To learn more about the vulnerabilities, see the following security advisories:

  • Microsoft Common Vulnerabilities and Exposures CVE-2025-49712
  • Microsoft Common Vulnerabilities and Exposures CVE-2025-53760
  • Microsoft Common Vulnerabilities and Exposures CVE-2025-53733
  • Microsoft Common Vulnerabilities and Exposures CVE-2025-53736

Notes:
This is build 16.0.5513.1002 of the security update package.
To apply this security update, you must have the release version of Microsoft SharePoint Server 2016 installed on the computer.

This public update delivers Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 contains the following feature:

  • SharePoint Framework (SPFx)

This public update also delivers all the features that were included in Feature Pack 1 for SharePoint Server 2016, including:

  • Administrative Actions Logging
  • MinRole enhancements
  • SharePoint Custom Tiles
  • Hybrid Taxonomy
  • OneDrive API for SharePoint on-premises
  • OneDrive for Business modern user experience (available to Software Assurance customers)

Improvements and fixes
This security update contains an improvement and a fix for the following nonsecurity issue in SharePoint Server 2016. To get the improvement and fix the issue completely, you have to install KB 5002772 together with this update.

  • Adds a warning when deleting a Cloud Search Service Application (Cloud SSA) if users have not verified that the hybrid indexes are removed.
  • Fixes an issue in which users cannot use Business Connectivity Services (BCS) together with the DotNetAssembly or WebService system type, because these system types are not enabled by default.

​​​​​​​To support Business Data Connectivity (BDC) models that are based on the DotNetAssembly or WebService system type, enable the support by running the following commands in SharePoint Management Shell if you trust your BDC models:
$farm = Get-SPFarm
$farm.ServerDebugFlags.Add(57007)
$farm.ServerDebugFlags.Add(57008)
$farm.update()
iisreset

Known issues in this update
After you install this update, you might experience an issue when you configure calendar overlay settings. For more information, see "Invalid EWS URL: <url>" error in Overlay settings in CalendarService.ashx (KB5064829).</url>

Version: 16.0.5513.1002 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft SharePoint Server 2016 updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad