Microsoft released a few .NET patches in September 2018 that patch for CVE-2018-8421 which is a .NET Framework Remote Code Execution Vulnerability. Some people have reported that after installing the patches (mainly KB4457916 and KB4457035), their Workflows fail to execute and the logs will show an error similar to this:
Microsoft.SharePoint.SPException: <Error><CompilerError Line="-1" Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized in the application configuration file."
Existing workflows usually proceed working, but deploying or starting a new workflow gives the message "Failed on start".
In order to fix this we created a Powershell script. This script will add authorization for workflows in web.config files on each SharePoint server. This needs to be done to allow SharePoint to use the advanced workflows.
Use the following steps to fix the issue:
1. Download the script "FixSharePointWorkflowSecurityPatch.ps1"
2. Open an RDP session to a SharePoint server (excluding search!) with sufficient permissions (Farm admin)
3. Paste the "FixSharePointWorkflowSecurityPatch.ps1" script to a safe location
4. Run the script by right-clicking it and selecting "Run with Powershell"
You will see a bunch of verbose logging about authorizedtypes and the script will automatically close once completed.
To check if the script was successful, open a web.config file of a SharePoint web application and look for the following lines:
Bijlagen
Bij Cadac maken we onderscheid tussen Sales, Service & Support. Sales & Service vinden wij vanzelfsprekend. Wij helpen u met de aanschaf van uw product, dienst, training of expert en zorgen ervoor dat u probleemloos aan de slag kunt. Gratis en voor niets. U kunt zorgeloos met uw software starten, wij zorgen ervoor dat u het meeste uit uw software kunt halen.
Loopt u tegen technische softwareproblemen aan? Dan kunt u gebruik maken van Cadac Support. Door de juiste informatie in te dienen kunnen wij u zo snel mogelijk helpen
