Aktualizace pro SharePoint Server 2016 (March 2020 CU)

Pro SharePoint Server 2016 byla vydána nová kumulativní aktualizace (March 2020 CU).
Tento CU obsahuje jak Feature Pack 2, který je součástí od zářijového CU (September 2017 CU), tak i předchozí Feature Pack 1.

SP Build:
16.0.4978.1000 (Language independent CU)
16.0.4978.1000 (Language dependent CU)

SharePoint 2016 CU – KB články popisující CU:

• KB 4484272 – March 2020 Update for SharePoint Server 2016 (language independent)
  
• KB 4484275 – March 2020 Update for SharePoint Server 2016 (language dependent)

SharePoint Server 2016 CU – Odkaz ke stažení CU:

• Download March 2020 Update for SharePoint Server 2016 (language independent)
  
• Download March 2020 Update for SharePoint Server 2016 (language dependent)

Po dokončení instalace nezapomeňte na spuštění průvodce konfigurací služby SharePoint 2016 (SharePoint 2016 Products Configuration Wizard), nebo příkazu:
PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd secureresources -cmd services -install

Upozornění

Feature Pack 2 obsahuje též všechny funkcionality z Feature Pack 1.

Vždy instalujte oba balíčky a to v pořadí:

1. language independent (aktualizuje jazykové nezávislé komponenty)
2. language dependent (aktualizuje jazykové závislé komponenty)

V případě jazykově závislých balíčku (language dependent) nezáleží jaký jazyk si ve výsledku vyberete, jelikož každý balíček obsahuje aktualizace pro všechny jazyky.

V případě, že na SharePoint Server 2016 farmu instalujete nový jazykový balíček, je nutné následně znova nainstalovat jazykové závislý balíček (language dependent).

Nezapomínejte, že krom SharePoint je nutné mít aktualizovanou i službu Distributed Cache, viz. Jak správně aktualizovat Distributed Cache a v případě Office Online Serveru musíte mít aktuální RTM verzi, viz.  Jak aktualizovat Office Online Server.

Obsažené opravy a vylepšení

Seznam oprav a vylepšení tohoto CU je soubor výňatků z oficiálních Microsoft KB článků v původním jazyce (EN).

SharePoint Server 2016

This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if the program does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2020-0850 and Microsoft Common Vulnerabilities and Exposures CVE-2020-0892.

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2020-0795
• Microsoft Common Vulnerabilities and Exposures CVE-2020-0850
• Microsoft Common Vulnerabilities and Exposures CVE-2020-0891
• Microsoft Common Vulnerabilities and Exposures CVE-2020-0892
• Microsoft Common Vulnerabilities and Exposures CVE-2020-0893
• Microsoft Common Vulnerabilities and Exposures CVE-2020-0894

This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server 2016:

• Adds support for the SameSite cookie attribute to remain compatible with changes in how web browsers such as Chrome handle cookies.
• When a list view uses GroupBy on a calculated DateTime field and includes a multi-valued lookup field, users can’t expand any of the groups in the view. A „working on it“ message appears where the group should be expanded, and an error dialog box appears. After this update is applied, the issue is fixed.
• After you create an enterprise custom field, the keyboard focus doesn’t land on the next interactive element after you activate the Select value button.
• After you import an updated thesaurus into the Search Service Application, you may see a „something went wrong“ error message when you search from the Search box.
• When you copy items that are declared as records through Windows Explorer, the copied items keep the record declaration status. This update fixes this issue.
• When a user opens multiple SharePoint links on multiple browser tabs, enters credentials in one of the tabs, and then refreshes the other tabs, the sign-in process doesn’t occur seamlessly. Instead, the user is redirected to the root site and not actual site.
• Site collection level mappings do not occur for Default.aspx in each site’s page library because the SiteId for Default.aspx is not generated correctly. After the fix is installed, the customized schema in site collection level will become active for default.aspx.

This security update contains fixes for the following nonsecurity issues in Project Server 2016:

• In Project Web App (PWA), you can’t edit in a lookup table’s Value and Description columns while you use the Chrome browser.
• You edit a resource in Project Web App and use the Chrome browser. In this situation, although initials may exist for a work resource that’s tied to a Windows user account, the Initials field isn’t populated and appears blank. Therefore, if the resource is saved, the blank initials are saved over the correct initials.
• You can’t navigate through the tables on the Approvals and Resource pages by using a keyboard.