KB5002796: Enables the AMSI body scan over HTTP request

Description of the security update for SharePoint Server 2019: October 14, 2025 (KB5002796)

This security update resolves a Microsoft Excel Information Disclosure Vulnerability, Microsoft Word Remote Code Execution Vulnerability, and Microsoft SharePoint Remote Code Execution Vulnerability. To learn more about the vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2025-59232
• Microsoft Common Vulnerabilities and Exposures CVE-2025-59222
• Microsoft Common Vulnerabilities and Exposures CVE-2025-59221
• Microsoft Common Vulnerabilities and Exposures CVE-2025-59237
• Microsoft Common Vulnerabilities and Exposures CVE-2025-59235
• Microsoft Common Vulnerabilities and Exposures CVE-2025-59228

Improvements and fixes
This security update contains improvements and fixes for the following nonsecurity issue in SharePoint Server 2019.

• Enables the AMSI body scan over HTTP request.