Description of the security update for SharePoint Enterprise Server 2016: June 9, 2020

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2020-1148
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1177
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1178
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1181
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1183
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1295
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1297
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1298
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1318
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1320
• Microsoft Common Vulnerabilities and Exposures CVE-2020-1323

Note To apply this security update, you must have the release version of Microsoft SharePoint Enterprise Server 2016 installed on the computer.

• A profile synchronization timer job does not sync integer-mapped user properties that have a User Information list. 
• Creating a site master fails if multiple authentication methods are used for the web application.
• Regional settings are incorrect for the Santiago (Chile) time zone.
  
  Note To fix this issue completely, you have to install KB 4484344 together with this update.
• The SPFx Web Part app can be removed at the second stage recycle bin. Even if the same Web Part app is still available in the site, the removal causes a Web Part app error.
  
  Note To fix this issue completely, you have to install KB 4484344 together with this update.
• A profile sync failure occurs if users configure the Active Directory (AD) import profile sync connection to use port 636 (LDAPS) instead of port 389.