KB5002685 is the latest security update for Microsoft SharePoint Enterprise Server 2016. It was released on 11 February 2025 as part of that month's ‘Patch Tuesday’ release.
Salient points
- KB5002685 supersedes KB5002672, the previous update for SharePoint Enterprise Server 2016, which was released on 14 January 2025.
- KB5002685 corresponds to SharePoint build 16.0.5487.1000.
- KB5002685 resolves one security vulnerability, CVE-2025-21400, in SharePoint Enterprise Server 2016.
- KB5002685 also includes the Feature Pack 2 for the SharePoint Server 2016. The Feature Pack 2 includes the SharePoint Framework (SPFx).
- All features that are part of the SharePoint 2016 Feature Pack 1 are also included in KB5002685.
Security vulnerability in SharePoint 2016
CVE-2025-21400 is the security vulnerability affecting Microsoft SharePoint Enterprise Server 2016 Edition.
- CVE-2025-21400 is a Remote Code Execution vulnerability.
- It has a CVSS score of 8.1 and ‘Important’ severity.
- An attacker could connect to a malicious server, and that could allow the attacker to gain code execution on the client. In a network-based attack, an authenticated attacker, as at least a Site Owner, could write arbitrary code to inject and execute code remotely on the SharePoint Server.
Non-security improvements, Feature Pack – KB5002685
Microsoft SharePoint Server 2016 gets Feature Pack 2 through KB5002685. Feature Pack 2 includes the SharePoint Framework (SPFx).
KB5002685 also includes the Feature Pack 1 for SharePoint Server 2016. The main features in the Feature Pack 1 for SharePoint Server 2016 are:
- Administrative Actions Logging
- MinRole enhancements
- SharePoint Custom Tiles
- Hybrid Taxonomy
- OneDrive API for SharePoint on-premises
- OneDrive for Business modern user experience (available to Software Assurance customers)
Installation of KB5002685
KB5002685 can be installed automatically through Windows Update.
For manual installation, download the KB5002685 file from the Microsoft Update Catalog or from the Microsoft Download Center.
- Download KB5002685 from the Microsoft Update Catalog – 787.1 MB
- Download KB5002685 from the Microsoft Download Center
After KB5002685 is deployed, the SharePoint Server 2016 server may restart, so plan the installation for a scheduled change window.
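To confirm after installation that the farm has reached the build this page gives for KB5002685 (16.0.5487.1000), a check along the following lines can be run on a farm server. This is an added example, not Microsoft's own script; it assumes an elevated session with the SharePoint PowerShell snap-in available, and `Test-BuildPatched` is a hypothetical helper name.

```powershell
# Added example: compare the farm build with the build this page lists for KB5002685
# and list servers that SharePoint still flags as needing upgrade.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Build number stated on this page for KB5002685.
$patchedBuild = [version]'16.0.5487.1000'

# Hypothetical helper: System.Version compares major, minor, build, revision in order.
function Test-BuildPatched {
    param([version]$Current, [version]$Required)
    return $Current -ge $Required
}

$farm   = Get-SPFarm
$farmOk = Test-BuildPatched -Current $farm.BuildVersion -Required $patchedBuild

# Skip entries with Role 'Invalid' (machines in the farm topology that are not
# SharePoint servers) and keep servers whose NeedsUpgrade flag is set.
$pending = @(Get-SPServer |
    Where-Object { $_.Role -ne 'Invalid' -and $_.NeedsUpgrade } |
    Select-Object -ExpandProperty Name)

# Summary object for change records or monitoring.
[pscustomobject]@{
    FarmBuild      = $farm.BuildVersion.ToString()
    RequiredBuild  = $patchedBuild.ToString()
    FarmAtOrAbove  = $farmOk
    ServersPending = ($pending -join ', ')
}

# A non-zero exit code lets a scheduled task or pipeline flag an unpatched farm.
if (-not $farmOk -or $pending.Count -gt 0) {
    Write-Warning 'Farm is below the KB5002685 build or has servers pending upgrade.'
    exit 1
}
```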