Description of the security update for SharePoint Server Subscription Edition: January 13, 2026 (KB5002822)

Summary 

This security update resolves a Microsoft Office Click-To-Run Elevation of Privilege vulnerability, Microsoft Word Remote Code Execution, Microsoft SharePoint Remote Code Execution vulnerability, Microsoft SharePoint Information Disclosure vulnerability, Microsoft SharePoint Server Remote Code Execution vulnerability and Microsoft SharePoint Server Spoofing vulnerability. To learn more about the vulnerabilities, see the following security advisories:​​​​​​​​​​​​​​

• Microsoft Common Vulnerabilities and Exposures CVE-2026-20943​​​​​​​

• ​​​​​​​Microsoft Common Vulnerabilities and Exposures CVE-2026-20958

• ​​​​​​​Microsoft Common Vulnerabilities and Exposures CVE-2026-20963

• Microsoft Common Vulnerabilities and Exposures CVE-2026-20951

• Microsoft Common Vulnerabilities and Exposures CVE-2026-20959

• Microsoft Common Vulnerabilities and Exposures CVE-2026-20947

Improvements and fixes 

This security update introduces the SharePoint Server Subscription Edition Version 25H2 feature update. This feature update will be included in all SharePoint Server Subscription Edition public updates going forward. For more information about this feature update, see New and improved features in SharePoint Server Subscription Edition Version 25H2.

This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server Subscription Edition:

• ​​​​​​​This update integrates SharePoint Server with the ECS .NET Client library to enable URL blocking. 

• This update fixes the GB18030-2022 certification issue. 

• This update fixes an issue in which the UPA‑backed claims provider doesn't resolve groups in the People Picker if a group name contains special characters.

• This update fixes an issue that causes the DateOnly column to also display the time in the modern information panel.​

• This update fixes an issue in which some links lack discernible text or contain only images or icons without accessible alternative text.

• This update adjusts the brightness of the star icon in the Favorites panel for better visibility.

• This update fixes an issue in which the Drop an image section option doesn't appear focused when you navigate by using the keyboard and doesn't display any hover-triggered popup window. 

• This update fixes an issue in which the focus leaves the Image gallery layout property pane when you navigate by using the Tab key.

• This update fixes an issue in which the focus leaves the Font color popup window in the Text and tableformatting pane when you navigate by using the Tab key.

• This update fixes an accessibility issue in the Permissions dialog box.

• This update fixes an accessibility issue by making the info icon accessible when you navigate by using the keyboard.

• This update fixes the data duplication issue that occurs during the Remote Blob Storage (RBS) migration.​​​​​​​

How to get and install the update

More information

Information about protection and security

Protect yourself online: Windows Security support

Learn how we guard against cyber threats: Microsoft Security