Hi Steven, can you provide any use case to verify the issues reported for Office online ? We are not sure whether we need to apply the Update or not ?
↧
Comment on December 2019 CU for SharePoint Server 2019 is available for download by Karthikeyan Parasuraman
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Greg M.
Hello Stefan, Yesterday there was a security bulletin published: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1491
It stands for SharePoint 2013 SP1, SharePoint 2010 SP2, SharePoint 2016 and SharePoint 2019
↧
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Dan
Hi Stefan,
Our security department sent me this new vulnerability that was released Yesterday (12/17/19) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1491
Can you confirm the following
I will need to run the config wizard after I install the patch
There is no minimum current build that my SharePoint farm (2013 – 15.0.4995.1000) needs to be on before I can install this patch.
Thanks for your time
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Jsoephine
Hello, Stefan
After patching, the SharePoint build number is equivalent to Nov 2019 CU instead of Dec 2019 CU.
Product version 15.0.5197.1000 SPFarm Build Version 15.0.5189.1000.
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Stefan Goßner
Hi Dan,
the config wizzard is required after ALL SharePoint fixes. No exceptions.
Technically only SP1 is required to install the fix but from a support perspective your system is unsupported if you did not install at least April 2018 CU before as older patch levels are no longer supported.
See here for details:
https://blog.stefan-gossner.com/2017/12/13/updated-product-servicing-policy-for-sharepoint-2013/
Cheers,
Stefan
↧
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Stefan Goßner
Hi Jsoephine,
thats correct.
See here for details:
https://blog.stefan-gossner.com/2016/08/23/sharepoint-does-not-have-a-build-version-full-stop/
Cheers,
STefan
↧
Comment on December 2019 CU for SharePoint Server 2019 is available for download by Stefan Goßner
Hi Karthikeyan,
please open a support case with Microsoft to get such information.
Thanks,
Stefan
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Stefan Goßner
Hi Greg,
thats correct – the bulletin was released yesterday.
But if you check the KB articles for the patches you will see that the fixes were all release already in November 2019 PU.
Cheers,
Stefan
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Dan
That is great to know. Now a quick follow up question. If my security department cant wait until this patch is in the January CU and I need to install the Dec 2019 CU and this patch can I install them both and then run the config wizard after or do I have to install them separately and then run the config wizard twice?
↧
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Stefan Goßner
Hi Dan,
if you check the KB articles you will notice that these fixes were all released in November PU already. Only the security bulletin was released this week.
So if you install December CU the November PU fixes are included.
Second: you can install as many patches as you like and only run the config wizard once at the end.
Cheers,
Stefan
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Dan
I really appreciate the help on this. You saved me alot of time….
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Dan
Hi Stefan,
Does Microsoft publish current regressions that are found and when they are being fixed in future releases? I am working on patching the latest Dec 19 CU and did not know that the calendar overlays would break when I install this until I say Carol’s post.
Thanks
Dan
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Stefan Goßner
Hi Dan,
we do not have a public list for this.
We recommend not to install any SharePoint fixes in production before evaluating them in a test environment which resembles the production environment to verify that the fix does not break any specific scenarios used in your specific configuration.
Cheers,
Stefan
↧
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Josephine
Thanks.
Should I ignore “get-spproduct -local returns true”? I have upgraded the farm multiple times and check the registry settings before and after. Reference:
https://blog.stefan-gossner.com/2015/08/20/why-i-prefer-psconfigui-exe-over-psconfig-exe/
https://blog.stefan-gossner.com/2016/08/09/sharepoint-patching-and-get-spproduct-local/
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Stefan Goßner
Hi Josephine,
you mean the required column?
This should be true for all servers. Important is the “Missing” column.
Cheers,
Stefan
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Josephine
Great. Nothing returns from “Missing” column but it is annoying to see (get-spserver $env:computername).NeedsUpgrade returned true value for all SharePoint servers including email server.
Get-SPServer | Where{ $_.NeedsUpgrade –eq $TRUE} also returns all SharePoint Servers including email server. (Should return a list of all servers in the farm that need an upgrade)
Reference: https://docs.microsoft.com/en-us/powershell/module/sharepoint-server/get-spserver?view=sharepoint-ps
Central Administration Server Status show “No Action Required”.
Upgrade-SPFarm returns “This farm doesn’t need to be upgraded”.
Thanks.
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Adrian
Hi Stefan,
thanks for clearing up/confirming how this works.
So if my SP Farm is running CU 2019-11 or higher, I am not affected, and the heise article is incorrect as this is not an “out of the ordinary update” but rather an “out of the ordinary message about an old update”, correct? And https://www.heise.de/security/meldung/Microsoft-patcht-SharePoint-Server-ausser-der-Reihe-4619677.html is technically incorrect?
Thanks for doing the good work and Merry Christmas 🙂
Adrian
↧
↧
Comment on SharePoint security fixes released with December 2019 PU and offered through Microsoft Update by Stefan Goßner
Hi Adrian,
please have a look at the Description in the “Revisions” section of the CVE:
“Information published. This CVE has been added to this month’s Security Updates. This is an informational change only. Customers who have successfully installed the applicable updates do not need to take any further action.”
As you can see no binaries have been published – only an informational change.
There is already a comment on the heise article from a user which pointed out that the fixes are for November and that this is most likely an issue already fixed a while back.
Nothing to add here from my side.
Cheers,
Stefan
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Stefan Goßner
Hi Josephine, did you run the management shell with “run as administrator”? If yes it sounds strange. In this case I would recommend to open a support case with Microsoft to get this analyzed.
↧
Comment on December 2019 CU for SharePoint 2013 product family is available for download by Josephine
Yes, run as administrator as usual. Though it was strange so I wanted to check with you.
First time experiencing this strange behavior out of 3 years of managing our current environment…
Thanks for your guidance.
Josephine
↧