Share This Article:

Microsoft released a few .NET patches in September 2018 that patch for CVE-2018-8421 which is a .NET Framework Remote Code Execution Vulnerability. Some people have reported that after installing the patches (mainly KB4457916 and KB4457035), their out-of-the-box Workflows fail to execute and the logs will show an error similar to this:

09/13/2018 01:59:07.57 w3wp.exe (0x1868) 0x22FC SharePoint Foundation Workflow
Infrastructure 72fs Unexpected RunWorkflow:
Microsoft.SharePoint.SPException: <Error><CompilerError Line="-1" Column="-1" 
Text="Type System.CodeDom.CodeBinaryOperatorExpression is not marked
as authorized in the application configuration file."
 /><CompilerError Line="-1" Column="-1" Text="Type 
System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized 
in the application configuration file." /><CompilerError Line="-1"
 Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is 
not marked as authorized in the application configuration file." 
/><CompilerError Line="-1" Column="-1" Text="Type 
System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized 
in the application configuration file." /><CompilerError Line="-1"
 Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is 
not marked as authorized in the application configuration file." 
/><CompilerError Line="-1" Column="-1" Text="Type 
System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized 
in the application configuration file." /><CompilerError Line="-1"
 Column="-1" Text="Type System.CodeDom.CodeBinaryOperatorExpression is 
not marked as authorized in the application configuration file." 
/><CompilerError Line="-1" Column="-1"…

Workflow Foundation will only run workflows when all the dependent types and assemblies are authorized in the .NET config file (or added explicitly via code) under this tree:

<configuration>

<System.Workflow.ComponentModel.WorkflowCompiler>

<authorizedTypes>

<targetFx>

How To Fix Sharepoint Workflows Stop Working After Patching

The fix will depend on the version of Sharepoint you’re using. You’ll need to add the code below to all of your application web.config files under the tree mentioned above. After making the changes below, you’ll need to restart IIS and possible reboot the Windows server before Workflows will start working again.

For Sharepoint 2013 or Newer

              <authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeBinaryOperatorExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodePrimitiveExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeMethodInvokeExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeMethodReferenceExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeFieldReferenceExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeThisReferenceExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodePropertyReferenceExpression” Authorized=”True” />

For Sharepoint 2007 or 2010

              <authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeBinaryOperatorExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodePrimitiveExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeMethodInvokeExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeMethodReferenceExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeFieldReferenceExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodeThisReferenceExpression” Authorized=”True” />

<authorizedType Assembly=”System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ NameSpace=”System.CodeDom” TypeName=”CodePropertyReferenceExpression” Authorized=”True” />

For more information regarding this issue, you can visit this MSDN Blog Post.


Share This Article:

 

Related Content