Skip Ribbon Commands
Skip to main content

Quick Launch

Todd Klindt's home page > Todd Klindt's Office 365 Admin Blog > Posts > Patches causes SharePoint Workflows to Stop Working
September 15
Patches causes SharePoint Workflows to Stop Working

This isn’t specifically a SharePoint patching issue, but it’s close enough I thought I’d add it. A recent .NET security patch, KB 4457916, while doing a bang-up job fixing a remote exploitation in .NET, broke Workflows in SharePoint. Of course you could uninstall the patch, but everyone except the bad guys think that’s a horrible idea. Fortunately there’s a  fix that allows you all the protection of the patch as well as continue to enjoy SharePoint workflows. This blog post on MSDN provides the solution;

After that, you should be good to go.

This issue punctuates why it’s important to keep an eye on the Windows patches on your SharePoint servers. If you’re using some sort of patch distribution service, like WSUS, your SharePoint servers should be in their own group.

If you’ve had any experience with this patch or the fix, leave a comment below.

tk

ShortURL: https://www.toddklindt.com/PatchBreaksWorkflow

Comments

People Picker Auto-Pop Not Working

Not sure if it's related, but I've also noticed after installing this update that the auto-pop dropdowns for OOTB people picker fields aren't working. I did update the web.config files already per the link in your post.

Still in the process of troubleshooting, but I do know they were working last Friday, prior to when I applied patches
 on 9/19/2018 1:06 PM

Re: People Picker Auto-Pop Not Working

Thanks for posting. Let me know if you find anything out.

tk
Todd O. KlindtNo presence information on 9/20/2018 9:28 AM

Fix

This fixed 75% of them.  Three-state ones when they have someone in the assigned To, it's still now working.

https://blogs.msdn.microsoft.com/rodneyviana/2018/09/13/after-installing-net-security-patches-to-address-cve-2018-8421-sharepoint-workflows-stop-working/ 
 on 9/20/2018 3:26 PM

bad workaround by MS

workaround provided by MS only solves OOTB workflow and not complex ones. finally uninstall solved all workflow issue.
 on 9/28/2018 9:47 AM

Re: Patches causes SharePoint Workflows to Stop Working

Just in case anyone CONTINUES to have problems try going ahead and copying ALL of the <authorizedType> entries from one of your web.configs and to the [SharePoint Hive Folder]\bin\OWSTIMER.EXE.config and see if that solves you problem.  For some reason I needed more than the recommended list and scripts added in order for the Timer service to successfully kick of workflows for instance if I start them via powershell.

Jonathan
 on 10/10/2018 3:36 PM

"workaround"

We uninstalled the two patches affecting Nintex workflows for on-prem 2016 SharePoint and waited, expecting a reissue of the patches this month, but have not seen anything. Isn't it realistic to expect MS to reissue them, since this affected their own workflows, not only 3rd party workflows, and all the 10s of 1000s of SharePoint implentations across the world may or may not have admins who are familiar with running scripts or adding config entries? This just seems extremely poor business practice. Wondering if you'd heard anything regarding reissue.
 on 10/11/2018 2:43 PM

no MSFT update

Just had to uninstall and apply the workaround to a client environment again after uninstalling the KBs last month. Looks like there still hasn't been a fix put out to resolve the issue caused by that set of .NET patches.
 on 10/11/2018 4:46 PM

Issue Resolved !!

Workflows issues resolved after running the script from below blog.

https://blogs.msdn.microsoft.com/rodneyviana/2018/09/13/after-installing-net-security-patches-to-address-cve-2018-8421-sharepoint-workflows-stop-working/ 

If you are facing issue with nintex workflow run with switch as -include Nintex.
 on 10/18/2018 2:16 PM

 .NET security patch, KB 4457916 Fix

Hi Todd,

Thank you for the great post.

Did Microsoft release a fix for .NET security patch, KB 4457916? What would you recommend regarding skipping the security patch or wait for the fix?


 on 10/25/2018 1:28 PM

Fix in progress

Our team ran into this workflow issue during testing. We quickly found articles and MSFT's post to apply the SP fix which we are 15% complete ATT. We have several environments we maintain 24/7 including dev, QA, and productions. Thanks to this site and all contributors for pointing out support.
 on 11/4/2018 3:01 PM
1 - 10Next

Add Comment

Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.

Title


Body *


Today's date *

Select a date from the calendar.
Please enter today's date so I know you are a real person

Twitter


Want a message when I reply to your comment? Put your Twitter handle here.

Attachments

 

 SysKit