Forum Discussion
SharePoint server 2013 - March 2019 security update
Hi, This is regarding the SharePoint server 2013 security update mentioned here https://support.microsoft.com/en-us/help/4462202/description-of-the-security-update-for-sharepoint-enterprise-server
The above article says this SharePoint security update is available through Windows Update. Does it mean,
- Can we install this security patch as a normal windows update in SharePoint servers?
- Do we really need to run SharePoint configuration wizard after installing this update? or not required?
Thanks in advance! Looking forward for an answer...
6 Replies
Adhi_k7 you should find the posts at https://blog.stefan-gossner.com/ very helpful, Stefan provide very detailed explanations of how to update and why you need to run the Configuration Wizard (On every SP server in the farm)
Dean_GrossThanks for the link. One more doubt.
Please have a look here about the recent vulnerability and the available security patch https://www.zdnet.com/article/microsoft-sharepoint-servers-are-under-attack/
Do you think is the patch really applicable for an intranet SharePoint environment? because our SharePoint portal is accessible inside the organization network only, not through public.
- Just because you are behind a firewall does not protect you from someone who has got into your network. There have been many cases of attackers being present for many months inside a network. I'm going to recommend to my customers that they install the new patches on their internal farms ASAP.
You many want to look into installing Microsoft Advanced Threat Analytics to evaluate internal servers and network traffic for malicious behavior
- Can we install this security patch as a normal windows update in SharePoint servers?
- Do we really need to run SharePoint configuration wizard after installing this update? or not required?
1. Yes, security patches should show when you run Windows Update on a server that has SharePoint installed on it. I have experienced some spotty behavior using Windows Update doing this though. So best way to do this is to not depend on Window Update, download the updates and apply them via a regular change process.
2. Yes, it is required as the Configuration Wizard process stops services on a server to update DLLs and update database schemas. Configuration Wizard acts as a finalization process when applying patches.
TimLB Thanks for your response
I agree if there is any change in dll or build number, running config wizard is mandatory. This is security patch update and also mentioned it is available as windows update. Hence the question whether running configuration wizard is required or not? We have some known issues in our environment which will create issues while running configuration wizard. Hence trying to avoid this config wizard step.
Adhi_k7 I think a lot of people who have SharePoint 2013 farms have issues updating and running the corresponding configuration wizard steps afterwards... figuring out and documenting what the steps are have been key for all the places that i've worked... well that and running Update-CSDatabase on all the content databases prior to running Config Wizard. That really has been a common element between different farms. Good luck!
EDIT Update-SPContentDatabase ... CSDatabase is Skype lol
