Important: This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.

Symptoms

After you install the following September security updates for Microsoft SharePoint Server, some Microsoft SharePoint 2010 workflow scenarios might be blocked:

Additionally, event tags "c42q8," "c42ra," and "c42rh" are logged in SharePoint Unified Logging System (ULS) logs. 

Cause

To strengthen its security, SharePoint no longer trusts all types in the System.Workflow.Activities and System.Workflow.ComponentModel assemblies as authorized types by default. Instead, individual types from these assemblies have been added as authorized or unauthorized. If a SharePoint 2010 workflow relies on a type that is no longer authorized, users will see the behavior described in the "Symptoms" section of this article.

Workaround

Warning: Types that are in the AuthorizedTypes list of SharePoint’s Web.config file have gone through security review and are considered safe for use by the SharePoint 2010 workflow engine. You should run a security review of any types that you want to add to the list to make sure that they are safe for use in your environment.

If a SharePoint 2010 workflow relies on a type that is no longer authorized, you can add it as an authorized type to the <configuration/System.Workflow.ComponentModel.WorkflowCompiler/authorizedTypes> node in the Web.config file of your web applications.

Need more help?

Expand your skills

EXPLORE TRAINING >

Get new features first

JOIN MICROSOFT INSIDERS >

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×