After a recent .Net update that was rolled up into a Windows Server update, SharePoint workflows are failing to start. Microsoft is working on a bug fix for this issue but has a workaround to get back up and running quickly.
Two Big Issues with SharePoint Environments
Before I start on the workaround or issue itself, I’d like to highlight two issues we see a lot with environments we work on. The first issue is that thorough testing doesn’t always happen post-server and post-SharePoint patching. Making sure you have a good testing plan in place is crucial. The second issue is that many organizations don’t have test environments to appropriately test out their patching.
So What’s the Patch Issue This Time?
Microsoft pushed a patch to the .Net framework via a rolled up Windows Security patch. This patch was then pushed to Windows servers via Windows Update. This Microsoft blog talks to the .Net vulnerability and what the KB numbers are per server OS.
We suggest not applying these patches if possible. But, if they have already been applied, Microsoft has released a workaround. As stated above, Microsoft is working on a patch fix, but until that comes out, the provided workaround will resolve the issue.
Microsoft has released a Support article with the official workaround, but it is missing some details that we’ve found while applying this fix.
This blog post from Rodney Viana at Microsoft has a full explanation of the issue and workaround with two PowerShell files on GitHub from Joe Rodgers. Running these scripts on the affected farms and then restarting the IIS and Timer Service has resolved the issue for clients.
The video in Rodney’s article also shows the step-by-step process of how to resolve the issue using these scripts. The one piece to keep in mind is that, if you have Nintex, you’ll need to apply the first of the two scripts with the -IncludeNintexWorkflow switch.
Make Sure to Research and Test All Patches
Patching can be a tricky thing when it comes to SharePoint. SharePoint patches have broken many things in the past on their own. But, as seen in this case, Windows patches can even break other applications like SharePoint and Nintex. Researching and testing the patches being pushed is a great way to alleviate the need for unexpected outages.