8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.104 Low
EPSS
Percentile
94.9%
This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE) documents:
CVE-2018-0799
Note To apply this security update, you must have the release version of Microsoft SharePoint Server 2016 installed on the computer.This public update also delivers all the features that were previously included in Feature Pack 1 for SharePoint Server 2016, including:
Administrative Actions logging
MinRole enhancements
SharePoint custom tiles
Hybrid Auditing (preview)
Hybrid Taxonomy
OneDrive API for SharePoint on-premises
OneDrive for Business modern experience (available to Software Assurance customers)
The OneDrive for Business modern user experience requires an active Software Assurance contract at the time that the user experience is enabled, either by installation of the public update or by manual enablement. If you don’t have an active Software Assurance contract at the time of enablement, you must turn off the OneDrive for Business modern user experience.For more information, see New features included in the November 2016 Public Update for SharePoint Server 2016 (Feature Pack 1) and New features included in the September 2017 Public Update for SharePoint Server 2016 (Feature Pack 2).
This security update contains improvements and fixes for the following nonsecurity issues for Microsoft SharePoint Server 2016:
You must specify a valid date within the range of 01.01.1900 and 31.12.8900.
CRobotThread::Thread failed to move BDC blob file.
The blob files don’t get indexed, and you cannot search for them.
Sorry, something went wrongAn unexpected error has occurred.Technical DetailsTroubleshoot issues with Microsoft SharePoint Foundation.Correlation ID: 0_xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx_Date and Time: <Date> <Time>
When you look at the queue jobs, you find that they have not completed. This problem can occur if there are many thousands of timesheets and many hundreds of reporting periods.
Restore-spsite : Specified cast is not valid.
After you install this update, you can restore site collection for the RBS content database.
Sorry, something went wrongAn unexpected error has occurred.
To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.
For deployment information about this update, see security update deployment information: January 9, 2018.
This security update replaces previously released security update KB 4011576.
Package Name | Package Hash SHA 1 | Package Hash SHA 2 |
---|---|---|
sts2016-kb4011642-fullfile-x64-glb.exe | FADE06520B3767CEFB9FD2250D3EE5CD56E17EB7 | 5DBE3416D9AC19D00427B869D794BAD6BF8BE8F0400B84BB0B8D59D389B26046 |
For the list of files that update 4011642 contains, download the file information.
Help for installing updates: Windows Update FAQ
Security solutions for IT professionals: Security Support and Troubleshooting
Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International SupportPropose a feature or provide feedback on SharePoint: SharePoint User Voice portal
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.104 Low
EPSS
Percentile
94.9%