Update

KB5002778: Enables the automatic machine key rotation feature.

Description of the security update for SharePoint Server 2016: September 09, 2025 (KB5002778)

Summary
This security update resolves a Microsoft SharePoint remote code execution vulnerability, Microsoft Word information disclosure vulnerability, and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities, see the following security advisories:

  • Microsoft Common Vulnerabilities and Exposures CVE-2025-54906
  • Microsoft Common Vulnerabilities and Exposures CVE-2025-54905
  • Microsoft Common Vulnerabilities and Exposures CVE-2025-54897

Improvements and fixes
This security update contains improvements and fixes for the following nonsecurity issue in SharePoint Server 2016.

  • You can now use the Test-DefenderAndAmsiWorkProperly cmdlet in SharePoint Management Shell to verify that all Windows Defender components are installed and active, and that SharePoint AMSI (Antimalware Scan Interface) integration is functioning correctly.
  • In order to use workflows in SharePoint Server, you must now have the latest update for SharePoint Workflow Manager installed.
  • To strengthen security in SharePoint Server, users in the WSS_WPG group are now restricted from running administrative processes, such as the SharePoint Products Configuration Wizard (Psconfig). For more information, see Account permissions and security settings in SharePoint Servers.​​​​​​​
  • ​​​​​​​​​​​​​​Enables the automatic machine key rotation feature.
  • Enhances the AMSI Filter feature module. Changes the default setting to be always on.
Version: 16.0.5517.1000 Link
Receive Important Update Messages Stay tuned for upcoming Microsoft SharePoint Server 2016 updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad