Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-110: Description of the security update for SharePoint Foundation 2013: October 13, 2015

View products that this article applies to.


This security update resolves vulnerabilities in Sharepoint. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS15-110.

Note To apply this security update, you must have the release version of Service Pack 1 for Microsoft SharePoint Foundation 2013 installed on the computer.

For a complete list of affected versions of Microsoft Office software, see KB3096440 .

Improvements and fixes

This update contains fixes for the following nonsecurity issues: 
  • REST query fails if a post contains an image without any associated text. For example, you can't access a newsfeed, and you receive the following error message when you send a REST query: 
    The server encountered an error processing the request. See server logs for more details.
  • Welcome email is not sent to users when the user who creates the invitation is not the owner, and no message is entered in the optional message text box.
  • When you create a document set, all entered data is lost if a field validation fails.
  • After you select Cancel on the Edit Properties page of a publishing page, you are redirected to the document library but not the page.
  • Incremental crawls on certain crawl sources cause sustained high CPU usage and gradually increasing memory consumption.
  • The WOPI Discovery Synchronization timer job is displayed as successful even if it fails.
  • When you drag-and-drop files to a SharePoint site, the upload process may freeze after a brief period of inactivity.
  • When you restore or move a site collection to a different location, the URL of the site logo image isn't updated.
  • Custom CSS styles aren't displayed for the RichHtmlField control on ribbons.
  • After you migrate from SharePoint Server 2010 to SharePoint Server 2013, you can't access workflows of a list to start a new workflow or check the status of existing instances for SharePoint Server 2010 workflows.
  • When you try to access a list for which you don't have access permissions, you expect to receive an access denied error message. Instead, you receive the following error message: 
    The "ListViewWebPart" Web Part appears to be causing a problem. Object reference not set to an instance of an object.

  • After you restore or copy a site collection, the URL of the navigation node is invalid.
  • After you use the Copy-SPSite cmdlet to synchronize a new created site collection, you can't use OneDrive for Business to synchronize an old site collection.

    Note To resolve this issue, you also have to apply September 16, 2014 update for OneDrive for Business (KB2889931) .
  • Fixes the following issues in Azure plugin in hybrid crawler:
  • Sends headers with additional information to secure cloud services (SCS).
  • Fixes Azure plugin freezes because of status change (pause or resume).
  • Fixes the spoindextypename value.
  • You cannot attach any files to list items in a SharePoint Server 2013 site. The operation fails, and you receive with a message that states that the path contains invalid characters.

↑ Back to the top

How to obtain and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

↑ Back to the top

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base Article KB3096440 .

Security update replacement information

This security update replaces previously released update KB3085501 .

File information

For a list of the files that are provided in update KB3085582, download the file information for update KB3085582.
How to obtain help and support for this security update
Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

↑ Back to the top

Keywords: kbbug, kbfix, kbsurveynew, atdownload, kbexpertiseinter, kbsecbulletin, kbsecvulnerability, kbmustloc, kblangall, kbsecurity, kb, kbsecreview

↑ Back to the top

Article Info
Article ID : 3085582
Revision : 5
Created on : 4/13/2020
Published on : 4/13/2020
Exists online : False
Views : 427