KB5002787: Enables the AMSI body scan over HTTP request
SharePoint Server 2016Microsoft
Update from:Description of the security update for SharePoint Server 2016 Language Pack: October 14, 2025 (KB5002787)
This security update resolves a Microsoft Excel Information Disclosure Vulnerability and Microsoft Word Remote Code Execution Vulnerability. To learn more about the vulnerabilities, see the following security advisories:
Microsoft Common Vulnerabilities and Exposures CVE-2025-59232
Microsoft Common Vulnerabilities and Exposures CVE-2025-59222
Microsoft Common Vulnerabilities and Exposures CVE-2025-59221
Microsoft Common Vulnerabilities and Exposures CVE-2025-59235
This public update delivers Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 contains the following feature:
- SharePoint Framework (SPFx)
This public update also delivers all the features that were included in Feature Pack 1 for SharePoint Server 2016, including the following:
- Administrative Actions Logging
- MinRole enhancements
- SharePoint Custom Tiles
- Hybrid Taxonomy.
- OneDrive API for SharePoint on-premises
OneDrive for Business modern user experience (available to Software Assurance customers)
The OneDrive for Business modern user experience requires an active Software Assurance contract at the time that the experience is enabled, either by installation of the public update or by manual enablement. If you don't have an active Software Assurance contract at the time of enablement, you must turn off the OneDrive for Business modern user experience.
