After applying .NET security fixes released in September 2018 to address CVE-2018-8421 SharePoint workflows stop working


After applying .NET Security Only patch to resolve CVE-2018-8421 (Remote Code Execution Vulnerability), all SharePoint out of the box Workflow fails to execute and the log will show an error like this:

09/13/2018 01:59:07.57 w3wp.exe (0x1868) 0x22FC SharePoint Foundation Workflow Infrastructure 72fs Unexpected RunWorkflow: 

Microsoft.SharePoint.SPException: <Error>
<CompilerError Line="-1" Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized in the application configuration file." />
<CompilerError Line="-1" Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized in the application configuration file." />
<CompilerError Line="-1" Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized in the application configuration file." />
<CompilerError Line="-1" Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized in the application configuration file." />
<CompilerError Line="-1" Column="-1"…

For more details about the issue, a technical explanation and the solution, please have a look at the blog post created by my colleauge Rodney Viana:

Comments (2)

  1. Luigi Bruno says:

    Are you aware of any potential impact on the custom workflows running on the Workflow Manager?

Skip to main content