KB5002825

Details

Description of the security update for SharePoint Server 2019: January 13, 2026 (KB5002825)

Applies To

SharePoint Server 2019

Summary

Important:

If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager (KB5002799) to your farm before you install this cumulative update.
If you're currently running the Classic version of Workflow Manager, you have to enable the debug flag in order to continue using it.

$farm = Get-SPFarm

$farm.ServerDebugFlags.Add(53601)

$farm.update()

iisreset

This security update resolves Microsoft Office Click-To-Run Elevation of Privilege vulnerability, Microsoft SharePoint Remote Code Execution vulnerability, Microsoft SharePoint Information Disclosure vulnerability, Microsoft Word Remote Code Execution vulnerability, Microsoft SharePoint Server Remote Code Execution vulnerability, and Microsoft SharePoint Server Spoofing vulnerability. To learn more about the vulnerabilities, see the following security advisories:

Microsoft Common Vulnerabilities and Exposures CVE-2026-20943
Microsoft Common Vulnerabilities and Exposures CVE-2026-20963
Microsoft Common Vulnerabilities and Exposures CVE-2026-20948
Microsoft Common Vulnerabilities and Exposures CVE-2026-20958
Microsoft Common Vulnerabilities and Exposures CVE-2026-20951
[Microsoft Common Vulnerabilities and Exposures...

Affected Packages

Microsoft SharePoint Server 2019

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in:

16.0.10417.20083

References

ADVISORY

https://www.microsoft.com/en-us/download/details.aspx?id=108525