Cumulative Update – Fixes May 2015 SharePoint 2010 (201505-SP2010)

Name: May 2015 Cumulative Update for SharePoint 2010

Build: ​14.0.7149.5000 ​

Its so hard to keep track of what bugs were fixed a cumulative update. I intend to share my reading and document the fixes that come out every month across SharePoint products. Who knows it may help someone some day!

Disclaimer: Cumulative Updates are to be applied specifically when you have an issue fixed by it, I recommend you keep a close eye on the security fixes that come with Cumulative Updates and then decide accordingly. Don’t rush to apply a Cumulative Update just for the sake of it. Many Cumulative Updates have had serious issues in the past and there’s no easy rollback!

For previous build numbers:


SharePoint Foundation 2010 fixes

Improvements and fixes

This security update contains fixes for the following nonsecurity issues:

  • Incoming email messages are not processed if the Sandboxed Solutions Resource Quota value for the site collection is set to 0.
  • When you open a page that contains multiple value lookup fields, you receive the following error message:
    Sorry, something went wrong Attempted to use an object that has ceased to exist. (Exception from HRESULT: 0x80030102 (STG_E_REVERTED))
  • Assume that you use the IfHasRights function to customize a Data Form Web Part (DFWP). When you save the form and go to the form in browser, you receive the following error message:
    Unable to display this Web Part. To troubleshoot the problem, open this Web page in a Microsoft SharePoint Foundation-compatible HTML editor such as Microsoft SharePoint Designer. If the problem persists, contact your Web server administrator.



Security Updates in May 2015 for SharePoint Foundation 2010:

Microsoft Security Bulletin: MS15-047

  • Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution – Microsoft SharePoint Page Content Vulnerabilities – CVE-2015-1700

Microsoft SharePoint Server 2010 Service Pack 2 (2956192)

Vulnerability information:

Remote code execution vulnerabilities exist when SharePoint Server improperly sanitizes specially crafted page content. An authenticated attacker could attempt to exploit these vulnerabilities by sending specially crafted page content to a SharePoint server. The attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site. Systems that are running an affected version of SharePoint Server are primarily at risk.



SharePoint Server 2010 fixes (includes the above fixes)

  • Translates some terms to multiple languages to make sure the accuracy of the meaning.



  • Updates Yoruba proofing tools.



Security Updates in May 2015 for SharePoint Server 2010:

Microsoft Security Bulletin: MS15-046

  • Vulnerabilities in Microsoft Office Could Allow Remote Code Execution – Memory Corruption Vulnerability CVE-2015-1682

Microsoft SharePoint Server 2010 Service Pack 2 – Word Automation Services (2965233)

Microsoft SharePoint Server 2010 Service Pack 2 – Excel Services (2956194)


Vulnerability information:

Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.

Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message.

An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Project Server 2010 (includes the above fixes)

Fixes the following issues:

  • When you try to insert a task for a project in the Schedule Web Part in Project Web App, you receive the following error message:
    This edit is unsupported in Project Web App.
    This issue occurs if the project has a particular structure of outline levels or task indentations and if you are using Internet Explorer 11.
  • When you export or print a resource plan for a project in Project Web App, the work or full-time equivalent is incorrect. For example, suppose that you enter the values 1d, 2d, and 3d. The print may show the values as 0.63d, 1.75d, and 2.63d.
  • When you publish a project in Project Web App in which tasks contain formulas that use the ProjDateDiff function, incorrect calculations may be made. This issue occurs if your project calendar does not use the default calendar configuration (08:00-12:00 and 13:00-17:00).


Antivirus for SharePoint 2013

The aim of this post is to shed light on why you need an antivirus for SharePoint. This post could be served as you ‘business case’ for an antivirus to pass on to your Security team / management.

Here are some of my notes gathered from various blogs that I have read, discussions and presentations that I have had:

  1. ForeFront antivirus for SharePoint 2010 wont work for SharePoint 2013 (not supported by Microsoft)
  2. Microsoft is discontinuing support for ForeFront antivirus for SharePoint 2010 31st December 2015 – there are no replacement products except third part vendors. Lots of backlash from MS customers.
  3. We can apply the extension period so that we have additional time to migrate to an alternative solution for SharePoint 2010 protection but its important to note there is no protection from Microsoft for SharePoint 2013.
  4. Documents uploaded into SharePoint can of course contain malware
  5. Once documents are in a SharePoint database, file system antivirus engines cannot understand / detect malware, infected files found in SharePoint content databases
  6. Antivirus for SharePoint prevents SharePoint from becoming a repository of infected files by scanning and cleaning files stored in SharePoint which are not accessible to endpoint AV solutions
  7. Antivirus for SharePoint detects, removes viruses, spyware, malware and other threats in files uploaded to and downloaded from SharePoint servers
  8. While your own organisations workstations and antivirus are properly implemented and maintained, there is a risk that your customers/suppliers/federated partners files & content may contain threats. The risk is your own organisation has no control over what content is uploaded into and downloaded from your SharePoint farms, depending on how your SharePoint sites are consumed. You might not have the opportunity to clean files being uploaded to a SharePoint site if the end users (in federated partner scenario) has an out-dated laptop containing malware.
  9. Antivirus for SharePoint is the only defense we have against this risk of malware in SharePoint content databases.
  10. It is advisable to install the file system Antivirus in addition to a SharePoint antivirus. Note you must exclude certain folders from being scanned by the file system antivirus.



SharePoint 2013 introduces NO CHANGES to the SharePoint Antivirus API (a.k.a SharePoint Portal Server Virus Scanning Application Programming Interface (VS API)). Source:


Documents can of course contain malware but it’s just not the most common vector. Source:


Prevents your SharePoint server from becoming a repository of infected files by scanning and cleaning files stored in SharePoint which are not accessible to endpoint AV solutions. Source:


Symantec Protection for SharePoint Servers detects and removes viruses, spyware, and other threats in files uploaded to and downloaded from your SharePoint server(s). Source:


MSMS interfaces with SharePoint using the recommended security architecture via the SharePoint VirusScan API and SharePoint Object Model. Source:


What are the options for SharePoint 2013 Antivirus?


Symantec Protection for SharePoint Servers

  • Familiar vendor to a lot of environements
  • Can be used with Symantec Enterprise Vault for SharePoint and Symantec Backup Exec for SharePoint to deliver a comprehensive security, archiving, and data recovery solution.



ESET® Security for Microsoft SharePoint Server

  • First engine for SharePoint 2013 – very customisable / powerful.
  • Very light and efficient antivirus



Kaspersky Security for Collaboration (SharePoint)

  • Light and well known vendor, well trusted security solution



McAfee Security for Microsoft SharePoint

  • No comment at this time.



Sophos SharePoint Security

  • No comment at this time.



TrendMicro PortalProtect SharePoint Security

  • No comment at this time.


If you have experience in any of the above, I’ll be happy to hear from you.

Thanks! Jeremy

Training: Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions

Need to pass the 70-533 exam? Get free approximately 16 hours of Azure training and pass the exam.

This training was a 4 hour training over 4 days. I made it to the live training on Day 1 but couldn’t wake up the subsequent days as the training commenced at 4AM in my time zone.

Luckily, its all recorded for us:


Topics include:

AlwaysOn Availability Groups Real life lessons video by SQL MCM Brent Ozar

This is a nice video by Brent Ozar on AlwaysOn Availability Groups: Real-Life Lessons Learned.

In this video, Brent explains what is ‘AlwaysOn’, AlwaysOn Availability Groups and the way that they work. AlwaysOn Failover Clustering is exactly the same as the Failover clustering but AlwaysOn Availability Groups is different – requires SQL 2012 Enterprise.

Brent talks about issues with hotfixes and keeping on top of them and real life Microsoft support issues.

Lessons learned on Windows Setup, Quorum Backups and Monitoring.




SharePoint apps infographics

The apps for SharePoint infographics published by Microsoft are really handy when it comes to understanding SharePoint apps. Learn what you can do with SharePoint apps and the various features, benefits, limitations (considerations) and hosting options you have when planning for SharePoint apps.


What is SharePoint

Why build apps

What apps can do

Map concepts to apps

API landscape

SharePoint-hosted apps

ACS Provider-hosted apps

High-trust apps

Cross-domain apps

Hosting options

App types at a glance

Data storage options

External data access options

Get SharePoint data

SharePoint workflows


Download the pdfs from here:

View infographics online:

SharePoint Distributed Cache & Dynamic memory with Hyper-V and VMWare

There is a guidance from Microsoft to be followed with virtual machines (VM) running SharePoint 2013. The guidance is “you must not configure the VM with Dynamic Memory”.


There are two issues if you do configure the VM with dynamic memory:

  1. Performance
  2. Not supported by Microsoft SharePoint Product team


In fact, the Dynamic Memory setting is referenced in a Microsoft article on unsupported scenarios “Certain Microsoft SharePoint Server 2013 installation scenarios are not supported

This article describes Microsoft SharePoint Server 2013 installation scenarios that are not supported:

You install SharePoint Server 2013 on a virtual machine (VM) that uses Dynamic Memory. For more information about best practice configurations for SharePoint Server 2013 and virtual machines, go to the following Microsoft TechNet website: Use best practice configurations for the SharePoint 2013 virtual machines and Hyper-V environment


The Distributed Cache service can run on either a physical or virtual server. When using virtualization, do not use Dynamic Memory to manage shared memory resources among other virtual machines and the Distributed Cache servers. The memory allocation for virtualized Distributed Cache servers must be fixed. Source:


The memory allocation for virtualized Distributed Cache servers must be fixed.



OK, so that’s Microsoft world – so Microsoft Hyper-V. What about VMware then?

Until now, I haven’t found any guidance on for Vmware as all the official documentation mentions “Dynamic Memory” which alludes to the setting in Microsoft Hyper-V.


It is important that the cache cluster runs in a homogeneous environment of servers. It is not supported for cache hosts to have different physical specifications in memory, processor speed, and other capabilities.



The cache cluster is a collection of one or more instances of the Caching Service working together in the form of a ring to store and distribute data. Data is stored in memory to minimize response times for data requests





Finally found something that has ‘VMWare’ mentioned in it in respect to the SharePoint Distributed Cache.

Joerg Sinemus , Microsoft Germany states in his blog..


Caching services are used to improve performance because these services are optimized to work with the amount of memory installed on a server. In case the memory will vary during the uptime of the server, there might be a need to also implement those features into a Caching-Service. That makes no sense because of the nature a Caching Service has.

In other words our SharePoint product group cannot support scenarios when Distributed Cache is needed/running and someone has concerns about performance or stability because of Dynamic Memory configuration in any Virtual Environment.

The best way for a customer to make this guarantee is to set the VM sizes (static memory) of the guests such that their sum is less than the memory available on the physical machine, i.e. don’t use the overcommit feature or dynamic memory.”



Most of the environments I work in have Vmware for virtualisation, so I hope this clears up some doubts for VMware ESX Administrators until I get an official response from Microsoft.




Converting Vmware vmdk to Hyper-V vhd


You have a vmdk file for Vmware and want to convert it to a Hyper-V compatible hard disk file such as vhd.



Download Microsoft Virtual Machine Converter Solution Accelerator (4.3MB)

It works on Windows 7, Windows Server 2008 R2, Windows Server 2012

Once installed, run the following:

In a command prompt window, go to the path to MVDC.exe (32bit is usually installed here by default – C:\Program Files (x86)\Microsoft Virtual Machine Converter Solution Accelerator).

MDVC.exe ‘path to vmdk file’ ‘path to vhd file’


cd '.\Program Files (x86)\Microsoft Virtual Machine Converter Solution Accelerator'
.\MVDC.exe 'D:\Temp\SERVER123.vmdk' 'D:\Temp\SERVER123.vhd'

Once your file is a vhd, you can easily import it into Microsoft Hyper-V and convert it to a vhdx.


  • If you want to convert several machines at once, then look at the Migration Automation Toolkit.

The Migration Automation Toolkit is a collection of PowerShell scripts that will automate conversions using MVMC and it is back ended by a SQL instance (SQL Express will work). You can use it to convert several machines at once, on a single server – or scale it out and execute conversions on many servers at the same time.

Removing unlicensed users in Office 365

I was faced with a situation where I had 17,020 users that synced up into Office 365 but my Office 365 license was like about 5…

So one of the quickest paths I took was to fire up PowerShell and remove all users that did not have a license.

These are the steps I took to get the job done:



Type in your Office 365 Global Admin credentials:


Get-MsolUser -all | Where-Object {$_.isLicensed -ne "true"} | Remove-MsolUser -Force


Anyway, curious to see the rate it deleted the users, I thought of monitoring the process by opening another PowerShell window and ran this:


Type in your Office 365 Global Admin credentials

Get-MsolUser -All | measure


Turns out the above command took three minutes to run (around 15,600 users) and deleted approximately 36 users per minute. The above command, will progressively run faster as the user count goes down.

Once I’m done, I’ll be configuring up the DirSync version of Forefront Identity Manager 2010 R2 (FIM) to selectively sync a few of the choicest users in my AD infrastructure.


ULS log viewer for SharePoint 2013

Good news for all the on-premises SharePoint Infrastructure Admins and Developers. An improved ULS Log viewer for SharePoint 2013 has been released a few days ago. I was concerned for a couple of years that there wasn’t any movement on updating my number 1 favourite SharePoint tool. However, I did see a video where Bill Baer there was a hint of how bad the tool was and they’d do something about the tool.. so here it is – a new ULS Log Viewer……

Download it here:

Some new features:

1. Monitor multiple servers simultaneously


2. Locate specific log entries via command line

3. Highlight and personalise the output if a filter match occurs

Some fixes I have noticed:

1. More stability when working with the filters

2. Multiple fixes such as filtering on pause state


Can we use it for SharePoint 2010?

Yes! It works well for SharePoint 2010. However, you would need to ensure that .NET 4.5.1 is installed on the server you run ULS Viewer on. With SharePoint 2010, .NET 3.5 is used and you might not find .NET 4.5.1 on your SharePoint 2010 servers.

Download Microsoft .NET Framework 4.5.1 (Offline Installer) here:

I have tested it successfully on Windows Server 2012, Windows Server 2012 R2 and Windows Server 2008 R2.