Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


This security update resolves a Microsoft SharePoint remote code execution vulnerability, Microsoft SharePoint Server spoofing vulnerability, Microsoft SharePoint Server remote code execution vulnerability, and Microsoft SharePoint Server security feature bypass vulnerability. To learn more about the vulnerabilities, see the following security advisories:​​​​


  • This is build 16.0.16130.20642 of the security update package.

  • To apply this security update, you must have the release version of Microsoft SharePoint Server Subscription Edition installed on the computer.

Improvements and fixes

This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server Subscription Edition:

  • Fixes an issue that occurs after you install Description of the security update for SharePoint Server Subscription Edition: May 9, 2023 (KB5002390) in which updating or retracting a farm solution takes a long time if the SharePoint farm service account is a member of the local Administrators group. Additionally, the application pools might remain in a stopped state even after the operation is finished.

  • Fixes an issue in which non-SharePoint application pools that host 32-bit applications on SharePoint servers stop responding if you set Enable 32-Bit Applications to True for those pools in Internet Information Services (IIS) Manager.

  • Fixes an issue in which the yellow bar visual indicator of missing required field values is displayed even if the item contains values for its required fields. This occurs when the view doesn't display the required fields.

  • Fixes an issue in which you cannot call the ListData.svc API successfully if the list contains a calculated column whose formula doesn't resolve to a double.

  • Updates the daylight saving time (DST) policy for time zones in Egypt, Fiji, Jordan, Mexico, and Uruguay.

  • Adds all web application pool accounts to the WSS_WPG group on all farm servers.

  • Fixes an issue in which the Document ID is editable in the modern experience of a document library.

  • Fixes an issue in which the modern page site avatar displays an abbreviation of the site type instead of the actual site title in Chinese (Simplified) sites. To revert to the previous behavior, run the following command in the SharePoint Management Shell:

    $farm = Get-SPFarm

  • Fixes an issue in which the Managed Metadata column and Person column display the ID of the term instead of the label name.

  • Fixes an issue in which the notification overlay appears behind the Grant Access panel.

  • Fixes an issue in which attachments that are added to a list item are not visible in the Modern UI until the page is refreshed.

  • Fixes an issue in which you cannot access cross-site resources.

  • Fixes some GB18030 character set rendering issues.

This security update also contains fixes for the following nonsecurity issues that occur when you use the client-side object model (CSOM) in Project Server:

  • You cannot set a project or task calendar for a project.

  • You cannot update the ScheduledFromStart property for a project.

Known issues in this update

Saving or auto-saving fails in document-related features, especially when integrating with the Office Online Server service. For example:

  • You cannot save as a copy of Word, Excel, or PowerPoint online in the document library.

  • You cannot add a new item in the form library that's published by InfoPath Designer 2013.

  • OneNote's autosave feature doesn't work in the document library.

To work around this issue, run the following command in the SharePoint Management Shell:

  $farm = Get-SPFarm

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see Deployments - Security Update Guide.

Security update replacement information

This security update replaces previously released security update 5002416.

File hash information

File name

SHA256 hash



File information

Download the list of files that are included in security update 5002424.

Information about protection and security

Protect yourself online: Windows Security support

Learn how we guard against cyber threats: Microsoft Security

Change history

The following table summarizes some of the most important changes to this topic.



July 17, 2023

Added a "Known issues in this update" section to describe an issue that users may experience.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!