Microsoft Releases SharePoint Server Subscription Edition Update 23H2

Microsoft SharePoint

Key takeaways:

  • Microsoft’s 23H2 update for SharePoint Server SE introduces AMSI protection, enhancing security by scanning web requests for potential threats before reaching SharePoint Server.
  • The update includes a new SharePoint health analyzer rule and LDAP support in the People Picker.
  • IT administrators can now manage feature release rings through PowerShell, offering greater deployment flexibility.

Microsoft has announced the release of a new feature update (23H2) for SharePoint Server Subscription Edition (SE). Among the highlights is the integration of Antimalware Scan Interface (AMSI) protection, which is now enabled by default across all supported SharePoint Server products.

“It allows SharePoint Server to work with AMSI-compatible antimalware solutions such as Microsoft Defender to scan all web requests sent to SharePoint Server. Antimalware solutions examine each web request against their own signatures and heuristics to determine if a request is potentially malicious. If it’s determined to be potentially malicious, they will block the web request before it’s handed off to SharePoint Server to be processed,” Microsoft explained.

Microsoft highlights that this approach allows customers to quickly update and distribute antimalware signatures. This eliminates the need for end users to install the updates manually in order to protect their systems against old and emerging security threats. This capability is available for SharePoint Server 2016, SharePoint Server 2019, and SharePoint Server SE.

AMSI health analyzer rule

Microsoft has added a new SharePoint health analyzer rule for SharePoint Server Subscription Edition, 2019, and 2016. The feature sends “simulated web requests” to actively verify that AMSI is working properly on any application. Meanwhile, IT admins will be able to view a report about any failures and mitigation strategies within SharePoint Central Administration.

People Picker supports LDAPS

Microsoft also announced that the People Picker now supports the Secure Lightweight Directory Access Protocol. The People Picker feature allows users to find users and groups in Active Directory forests and domains. This release lets People Picker protect LDAP traffic to TCP ports 636 and 3269 with TLS connection encryption.

New PowerShell cmdlets to manage feature release rings

SharePoint Server Subscription Edition version 23H2 lets IT admins choose the release rings option to deploy feature updates through PowerShell. “Up until now, organizations could only make this choice through the Feature Release Preference page in SharePoint Central Administration,” which was a limitation on those organizations that carry out scripted deployments,” Microsoft added.

Last but not least, Microsoft notes that it’s now possible for organizations to apply custom branding to the Suite Bar. The feature lets SharePoint admins add custom text, hyperlinks, color schemes, and logos to all sites within a web app.