SharePoint Workflows go belly-up when you install the September .Net Security Only patch

Credit to Author: Woody Leonhard| Date: Mon, 17 Sep 2018 08:29:00 -0700

‘Softie Rodney Viana has posted details and a workaround for the “System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized” bug.

Apparently, installing last Tuesday’s KB 4457916 Security Only updates for .Net Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 causes a hard stop with any SharePoint Workflows. (Workflows are set up by an admin to handle the flow of documents through a series of steps.)

The net result: A hard hiccup anytime a document enters a Workflow.

The solution, per Viana, is to manually enter an <authorizedType> tag in the .Net config file.

At this point I haven’t seen the error appear with other variations of the CVE-2018-8421 .NET Framework Remote Code Execution Vulnerability patch, but “Week B” just fell into the Recycle Bin and “Week C” looms.

Of course, there’s no warning about the error in the KB article.

Thx @columbia2011

Join us for patch divination on the  AskWoody Lounge.

http://www.computerworld.com/category/security/index.rss