Description of the security update for SharePoint Server 2019: February 12, 2019

Applies to: SharePoint Server 2019

Summary


This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0594 and Microsoft Common Vulnerabilities and Exposures CVE-2019-0604.

Note To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed.

Improvements and fixes


This security update contains the following improvements and fixes:

  • When you run a search query that contains the SortList query parameter by using the REST interface, the query fails and generates a SearchServiceException exception. This can occur because the SortList parameter is case-sensitive.

  • When you index a document for search, the number of unique tokens per field is now increased from 10,000 to 1,000,000 before the document field is truncated.

  • The Search Service Application interface is now public. It is now possible to create a custom search application that uses the Search Service Application interface.

  • This update makes improvements to enable the new Japanese Era in SharePoint Server 2019 when it becomes available.

  • This update fixes an issue that affects SharePoint integration with Office Online Server. When you select the Open in Word Online option for a Word document, the document does not appear. This fix also improves the translation and localization of various strings in the modern features, such as modern lists and modern libraries.

  • This update fixes the Help link on some SharePoint Central Administration pages to point to Central Administration help instead of user help.

  • When you create a team site or classic team site in the central administration of SharePoint Server 2019 on-premises, the description references Office 365. This is inaccurate. The description is now more accurate.

  • This update adds the ability to change a task's duration type through the client-side object model (CSOM) after the task is created.

  • You can't set the description of a lookup table value to blank through the client-side object model (CSOM).

  • You can't get all the details of a dependency link, such as the lag duration and project UID properties, through the client-side object model (CSOM).

  • After a v2v upgrade from SharePoint Server 2016 to SharePoint Server 2019, PerformancePoint and User Profile service application databases do not have the expected compatibility level.

  • Because the multi-tenancy feature is unavailable in SharePoint Server 2019 on-premises, this update removes the multi tenancy option on the central administration page (Irmadmin.aspx) in SharePoint Server 2019.

  • Blob caching fails because the new logic to replace metabase access requires the local administrator permission for the application pool account.

How to get and install the update


Method 1: Microsoft Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information


Security update deployment information

For deployment information about this update, see security update deployment information: February 12, 2019.

Security update replacement information

This security update replaces previously released security update 4461634.

File hash information

sts2019-kb4462171-fullfile-x64-glb.exe 04E9F564916CDB2B3B0177518F363517C100A599 DCD279114CDFA42196C3A793A9F09704689A745C21DC566FFA1666A49BA3E0D1

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

How to get help and support for this security update


Help for installing updates: Protect yourself online

Help for protecting your Windows-based computer from viruses and malware: Microsoft Security

Local support according to your country: International Support