MS17-002: Description of the security update for SharePoint Server 2016: January 10, 2017

2020-04-13T02:02:42
ID KB3141486
Type mskb
Reporter Microsoft
Modified 2020-04-16T06:54:35

Description

<html><body><p>Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.</p><h2>Summary</h2><div class="kb-summary-section section"><span></span>This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see <a href="https://technet.microsoft.com/library/security/ms17-002" id="kb-link-2" target="_self">Microsoft Security Bulletin MS17-002</a>.<br/><br/><span class="text-base">Note</span> To apply this security update, you must have the release version of SharePoint Server 2016 installed on the computer.<br/><br/>For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article <a href="https://support.microsoft.com/help/3214291" id="kb-link-3" target="_self">3214291</a>.<br/><br/>This public update delivers the first feature pack (Feature Pack 1) for SharePoint Server 2016 that contains the following features:<ul class="sbody-free_list"><li>Administrative Actions Logging</li><li>MinRole enhancements </li><li>SharePoint Custom Tiles</li><li>Hybrid Auditing (preview)</li><li>Hybrid Taxonomy</li><li>OneDrive API for SharePoint on-premises </li><li>OneDrive for Business modern experience (available to Software Assurance customers)</li></ul>The OneDrive for Business modern user experience requires an active Software Assurance contract at the time that it is enabled, either by installation of the public update or by manual enablement. If you don't have an active Software Assurance contract at the time of enablement, you must turn the OneDrive for Business modern user experience off. See <a href="https://go.microsoft.com/fwlink/?linkid=832679" id="kb-link-4" target="_self">New features included in the November 2016 Public Update for SharePoint Server 2016 (Feature Pack 1)</a> for more information.<br/></div><h2>Improvements and fixes</h2><div class="kb-symptoms-section section">This security update contains the following improvements and fixes for SharePoint Server 2016:  <ul class="sbody-free_list"><li>Some terms are translated into multiple languages to make sure that the meaning is accurate.<br/></li><li>You can't access the Shortcuts link through keyboard in grid edit mode of a SharePoint task list. Additionally, screen readers can't read or access information panels in SharePoint Server 2016.<br/></li><li> The PSConfig tool may recommend incorrect cmdlets.<br/></li><li>Sometimes, the PSConfig tool shows the upgrade as 100 percent completed even though it still takes some time before the tool moves to the next status. This problem occurs because the tool must complete some minor steps after it upgrades the products. Progress messages are displayed for these steps.<br/></li><li> Fixes the following cmdlet legacy issues of the Administrative Actions Logging feature:<ul class="sbody-free_list"><li>Support partial execution for the cmdlet and update the help document correspondingly.</li><li>Refine the messages for some exceptions and logs.</li></ul></li><li> After you try to configure and use the Lotus Notes connector for SharePoint Server, the crawl fails.<br/></li><li> You can't use the CSOM API to set the BookingType property for enterprise resources in projects.<br/></li><li>A system access control list (SACL) isn't read correctly for large file paths that exceed the Windows limitation of 260 characters. This causes the SACL to be discoverable by any user in the query results even if the user doesn't have the appropriate permissions.<br/></li><li> After you make multiple changes to the same user in quick succession in SharePoint Server 2016, the Quick Sync job can't be completed successfully.<br/></li><li>When you configure hybrid taxonomy, the specified Local Term Store Name parameter is now case-insensitive even though it was previously case-sensitive.<br/></li><li>You can't restore site collection that have site URLs. Additionally, you receive the following error message: <div class="indent"><div class="sbody-error">Error: Violation of PRIMARY KEY constraint 'PK_SiteUrlMap'. Cannot insert duplicate key in object 'dbo.SiteUrlMap'</div></div><br/></li><li>When you add a subtask to an existing subtask of a SharePoint task list, multiple subtasks are created instead of just one subtask, in certain conditions.<br/></li><li>When you copy and paste subtasks in grid edit mode of a SharePoint task list, multiple subtasks are created unexpectedly.<br/></li><li>SharePoint Server 2016 becomes unresponsive and the server experiences high CPU usage that requires a restart. Additionally, you can't access sites, or you get extremely slow page load times.<br/></li></ul>This security update also contains improvements and fixes for Project Server 2016:<ul class="sbody-free_list"><li>When you apply status updates in PWA, actual work is added to some assignments unexpectedly. For example, you have an assignment that has 35 hours total work, and the status update is to apply 9 hours. When you view the results in Project Professional, you find that the assignment is unexpectedly completed. Meanwhile, the total work and the actual work have increased to 400 hours.<br/></li></ul></div><h2>How to get and install the update</h2><div class="kb-resolution-section section"><h3 class="sbody-h3"> Method 1: Microsoft Update </h3><div class="kb-collapsible kb-collapsible-expanded">This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see <a href="https://support.microsoft.com/en-us/help/12373/windows-update-faq" id="kb-link-6" target="_self">Windows Update: FAQ</a>.</div><h3 class="sbody-h3">Method 2: Microsoft Update Catalog</h3><div class="kb-collapsible kb-collapsible-expanded">To get the stand-alone package for this update, go to the <a href="http://www.catalog.update.microsoft.com/search.aspx?q=kb3141486" id="kb-link-7" target="_self">Microsoft Update Catalog</a> website.<br/><br/></div><h3 class="sbody-h3">Method 3: Microsoft Download Center</h3><div class="kb-collapsible kb-collapsible-expanded">You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.<br/> <ul class="sbody-free_list"><li><img alt=" Download " class="graphic" src="/library/images/support/kbgraphics/public/EN-US/Download.gif" title=" Download "/><a href="http://www.microsoft.com/download/details.aspx?familyid=4312bfdb-31ab-429a-b3ac-66a53dc62e41" id="kb-link-8" target="_self">Download security update 3141486 for the 64-bit version of SharePoint Server 2016</a></li></ul></div></div><h2>More Information</h2><div class="kb-moreinformation-section section"><h3 class="sbody-h3">Security update deployment information</h3>For deployment information about this update, see Microsoft Knowledge Base article <a href="https://support.microsoft.com/help/3214291" id="kb-link-9" target="_self">3214291</a>.<br/><h3 class="sbody-h3">Security update replacement information</h3> This security update doesn't replace any previously released update.<br/><h3 class="sbody-h3">File hash information</h3><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">Package name</th><th class="sbody-th">Package hash SHA 1</th><th class="sbody-th">Package hash SHA 2</th></tr><tr class="sbody-tr"><td class="sbody-td">sts2016-kb3141486-fullfile-x64-glb.exe</td><td class="sbody-td">1B30B50FEB5FB3F8D764C6C0D6523DBA5BE05C1E</td><td class="sbody-td">4A21ACD01FD617A60C7A3782E322289C15252E5FD297C298AF32B09744B340E1</td></tr></table></div><h3 class="sbody-h3">File information</h3>For the list of files that cumulative update KB3141486 contains, download the <a href="http://download.microsoft.com/download/e/5/7/e57b4c55-4478-4857-9645-63a0f4bfd9ad/3141486.csv" id="kb-link-10" target="_self">file information for update KB3141486</a>.<div class="faq-section" faq-section=""><div class="faq-panel"><div class="faq-panel-heading" faq-panel-heading=""><span class="link-expand-image"><span class="faq-chevron win-icon win-icon-ChevronUpSmall"></span></span><span class="bold btn-link link-expand-text"><span class="bold btn-link">How to get help and support for this security update</span></span></div><div class="faq-panel-body" faq-panel-body=""><span><div class="kb-collapsible kb-collapsible-collapsed">Help for installing updates: <br/><a href="https://support.microsoft.com/ph/6527" id="kb-link-11" target="_self">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href="https://technet.microsoft.com/security/bb980617.aspx" id="kb-link-12" target="_self">TechNet Security Troubleshooting and Support</a><br/><br/>Help for protecting your Windows-based computer from viruses and malware: <br/><a href="https://support.microsoft.com/contactus/cu_sc_virsec_master" id="kb-link-13" target="_self">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href="" id="kb-link-14" target="_self">International Support</a></div><br/></span></div></div></div></div></body></html>