The product group released the September 2020 Cumulative Update for the SharePoint 2013 product family.
For September 2020 CU we have full server packages (also known as Uber packages) for all products. No other CU is required to fully patch SharePoint.
As this is a common question: Yes, September 2020 CU includes all fixes from September 2020 PU.
ATTENTION:
Be aware that all Updates for SharePoint 2013 require SharePoint Server 2013 SP1 to be installed first.
Please also have a look at the article that discusses how to properly patch a SharePoint 2013 farm which has Search enabled (see below).
Previous releases of the SharePoint Server 2013 cumulative update included both the executable and the .CAB file in the same self-extracting executable download. Because of the file size, the SharePoint Server 2013 package has been divided into several separate downloads. One contains the executable file, while the others contain the CAB file. All are necessary and must be placed in the same folder to successfully install the update. All are available by clicking the same Hotfix Download Available link in the KB article for the release.
This CU includes all SharePoint 2013 fixes (including all SharePoint 2013 security fixes) released since SP1. The CU does not include SP1. You need to install SP1 before installing this CU.
The KB articles for September 2020 CU should be available at the following locations in a couple of hours:
- KB 4484519 – SharePoint Foundation 2013 September 2020 CU
- KB 4484523 – SharePoint Server 2013 September 2020 CU
- KB 4484521 – Project Server 2013 September 2020 CU
- KB 4484518 – Office Web Apps Server 2013 September 2020 CU
The Full Server Packages for September 2020 CU are available through the following links:
- Download SharePoint Foundation 2013 September 2020 CU
- Download SharePoint Server 2013 September 2020 CU
- Download Project Server 2013 September 2020 CU
- Download Office Web Apps Server 2013 September 2020 CU
After installing the fixes you need to run the SharePoint 2013 Products Configuration Wizard on each machine in the farm. If you prefer to run the command line version psconfig.exe ensure to have a look here for the correct Options.
Be aware that the SharePoint Server 2013 CU contains the SharePoint Foundation 2013 CU. And the Project Server 2013 CU also contains the SharePoint Server 2013 CU and SharePoint Foundation 2013 CU.
Please ensure to have a look at the SharePoint Patching Best Practices before applying new fixes.
Related Info:
- Technet: Updated Product Servicing Policy for SharePoint 2013
- Blog: SharePoint Patching Best Practices
- Blog: Common Question: What is the difference between a PU, a CU and a COD?
- Blog: SharePoint Patching demystified
- Blog: Why I prefer PSCONFIGUI.EXE over PSCONFIG.EXE
- Blog: Support for SharePoint 2013 RTM has ended
- Blog: SP1 for SharePoint 2013
- Technet: CHANGE: SharePoint 2013 Rollup Update for the December 2013 Cumulative Update Packaging
- Technet: Install a software update for SharePoint 2013
- Blog: How to: install update packages on a SharePoint 2013 farm where search component and high availability search topologies are enabled
- Technet: Update Center for Microsoft Office, Office Servers, and Related Products
- Blog: SQL Server 2014 and SharePoint Server 2013
Permalink
After installing SharePoint Server 2013 September 2020 CU, we get this:
The base type ‘AC.Web.PageLayouts.ACPageLayouts.ACHomePage’ is not allowed for this page. The type AC.Web.PageLayouts.ACPageLayouts.ACHomePage, AC.Web, Version=1.0.0.0, Culture=en, PublicKeyToken=5f3d55c70580fe7d could not be found or it is not registered as safe.
Permalink
Hi James,
seems you are using custom ASP.NET controls with your page layout which are not registered as SafeControls.
See here for details:
https://support.microsoft.com/en-us/help/4572409/sharepoint-pages-not-render-when-using-unsafe-controls
Cheers,
Stefan
Permalink
Hi Stefan, we’re seeing this happen after applying Sep 2020 CU. The unsafe control fix doesn’t resolve the problem.
Container WebPart: The attribute ‘autoeventwireup’ is not allowed in this page.
at System.Web.UI.TemplateParser.ParseString(String text, VirtualPath virtualPath, Encoding fileEncoding) at System.Web.UI.TemplateParser.ParseFile(String physicalPath, VirtualPath virtualPath) at System.Web.UI.TemplateParser.ParseInternal() at System.Web.UI.TemplateParser.Parse() at System.Web.Compilation.BaseTemplateBuildProvider.get_CodeCompilerType() at System.Web.Compilation.BuildProvider.GetCompilerTypeFromBuildProvider(BuildProvider buildProvider) at System.Web.Compilation.BuildProvidersCompiler.ProcessBuildProviders() at System.Web.Compilation.BuildProvidersCompiler.PerformBuild() at System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath) at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResult(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean ensureIsUpToDate) at System.Web.UI.TemplateControl.LoadControl(VirtualPath virtualPath) at OurCustomFramework.WebParts.ContainerWebPart.CreateChildControls()
Permalink
Hi Desmond,
please open a ticket with Microsoft support to ensure that this issue is tracked and can be analyzed in more details.
Thanks,
Stefan
Permalink
After installing September 2020 CU for SharePoint 2013 we have started seeing following errors in few of the custom web parts:
Web Part Error: The control type ‘System.Data.DataTable’ is not allowed on this page. The type System.Data.DataTable, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 could not be found or it is not registered as safe. Correlation ID: c206799f-10dd-7037-7d24-5086ce38d8a7.
Permalink
Hi Priyashil,
sounds as if you are running into this issue:
https://support.microsoft.com/en-us/help/4572409/sharepoint-pages-not-render-when-using-unsafe-controls
Cheers,
Stefan
Permalink
Stefan,
We are experiencing the following issue after the installation of this update:
The base type ‘VSSP.PageLayouts.Templates.IntranetPageLayout’ is not allowed for this page. The type VSSP.PageLayouts.Templates.IntranetPageLayout, VSSP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=3499b5cce3f2192f could not be found or it is not registered as safe.
The assembly is marked as safe in the code and we have made sure that we have added SafeControl entries in the web.config. We have even gone as far as adding the suggested workaround code to the web.config as described in this article:
https://support.microsoft.com/en-us/help/4572409/sharepoint-pages-not-render-when-using-unsafe-controls
The same error continues to persist and it did not appear before this installation. What else can we try?
Permalink
Hi Eric,
yes – thats a side effect of a security fix released with September CU.
See here for details, solution and workaround:
https://support.microsoft.com/en-us/help/4572409/sharepoint-pages-not-render-when-using-unsafe-controls
Cheers,
Stefan
Permalink
Stefan,
I’m sorry but I don’t think you read the rest of my original question. We have already attempted to apply the workaround suggested in the article and that had no effect. The error still persists.
Permalink
Hi Eric,
you are right – did not read your comment in all detail. Sorry for that.
If the entry does not help, please open a support case with Microsoft to get this analyzed.
Cheers,
Stefan
Permalink
Hi Stefan,
We have noticed similar issues after deploying Sep’2020 CU, PublicKeyToken=1e621779d1cb1ec3 could not be found or it is not registered as safe.
Regards
Bimal
Permalink
After installing September 2020 CU for SharePoint 2013, the Search result sources page is throwing an unexpected error.
Permalink
Hi Preeti,
you might want to open a ticket with Microsoft to get this analyzed.
Cheers,
Stefan
Permalink
Thanks Stefan
Permalink
We had the same problem for the search results, searchfarmdashboard and searchadministration
We added this line in each site’s webconfig in the safecontrols section :
error message we had for the searchadministration :
The base type ‘Microsoft.Office.Server.Search.Internal.UI.SearchAdministration’ is not allowed for this page. The type Microsoft.Office.Server.Search.Internal.UI.SearchAdministration, Microsoft.Office.Server.Search, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c could not be found or it is not registered as safe.
Le type de base « Microsoft.Office.Server.Search.Internal.UI.SearchResultsLayoutPage » n’est pas autorisé pour cette page. Le type Microsoft.Office.Server.Search.Internal.UI.SearchResultsLayoutPage, Microsoft.Office.Server.Search, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c est introuvable ou n’est pas inscrit comme fiable.
Permalink
Hi Ben, did you run the config wizard after installing the fix? Because these lines are added when running it after installing the September fixes.
Permalink
Hi Stefan,
same issue here after the fix was installed. I cannot run the config wizard because it tells me that needed updates aren’t installed although they are installed. Get-SPProduct -local didn’t solve the issue. Any way to add the missing entries as quick fix to get Search Service Application to work again?
Best regards,
Markus
Permalink
Hi Markus,
please check on which machines the fixes are missing. They might be missing on a different machine than the one where you are running PSConfig.
If the fixes are indeed installed on all machines and after you ran Get-SPProduct -local on all machines you should open a ticket with Microsoft Support to evaluate what is wrong.
Cheers,
Stefan
Permalink
Can you give me any info on the config wizard. Getting the same error as the one in french up above.
Permalink
Hi Daron,
after every SharePoint fix installation you need to run the SharePoint Configuration Wizard which performs certain operations on the machine and in the database to finalize the fix installation.
Cheers,
Stefan
Permalink
Hi Stefan,
What if we have extreme volumes of data in content databases? Running SP Config will take some days to finish, so how can we mitigate the downtime if the content are huge?
Thanks
Satish
Permalink
Hi Satish,
for SP2013 we do not really have a solution.
Best would be to switch to SP2016 or SP2019 where zero-downtime can be achieved during patching.
Cheers,
Stefan
Permalink
Thanks Stefan.
Permalink
This security patch is causing problems with CorasWorks. We applied a work around for some of the webparts that were not rendering. This is the fix we applied to the web.config. CorasWorks Chart is still a problem.
Permalink
Hi Stepen
we are facing below issue
The base type ‘VSSP.PageLayouts.Templates.IntranetPageLayout’ is not allowed for this page. The type VSSP.PageLayouts.Templates.IntranetPageLayout, VSSP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=3499b5cce3f2192f could not be found or it is not registered as safe.
« Microsoft.Office.Server.Search.Internal.UI.SearchResultsLayoutPage » n’est pas autorisé pour cette page. Le type Microsoft.Office.Server.Search.Internal.UI.SearchResultsLayoutPage, Microsoft.Office.Server.Search, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c
Permalink
Hi Jayaram,
for the first error please have a look here:
https://blog.stefan-gossner.com/2020/09/25/trending-issue-after-installing-september-2020-cu-and-pu-custom-pages-and-controls-fail-to-render/
The second issues seems to be about the Search Result sources page. This is a known issue in September CU which was fixed in October CU.
To fix it please install October CU.
Cheers,
Stefan
Permalink
Hi – is there a solution for it? We have the same problem and no workaround helps.
Permalink
Hi Steffen, a solution for what exactly?
Permalink
Ah okay sry 🙂
We have the same problem with custom solutions (masterpage, application pages) which are discribed above.
“The base type ” is not allowed for this page. The type could not be found or it is not registered as safe.”
AND
:: Code blocks are not allowed in this file.
System.Web.HttpException: Code blocks are not allowed in this file.
at System.Web.UI.TemplateParser.ProcessError(String message)
at System.Web.UI.TemplateParser.EnsureCodeAllowed()
at System.Web.UI.TemplateParser.ProcessCodeBlock(Match match, CodeBlockType blockType, String text)
at System.Web.UI.TemplateParser.ParseStringInternal(String text, Encoding fileEncoding)
at System.Web.UI.TemplateParser.ParseString(String text, VirtualPath virtualPath, Encoding fileEncoding)
We installed last week some security updates – then we got these errors.
So I want to know or find out if the installation of CU October 20 will fix this issue.
Thanks
Permalink
Hi Steffen,
this is caused by a design change introduced with a security fix.
By default all masterpages, page layouts and pages which have inline code are blocked. If required each of these items need to be explicitely “allowed” to ensure that administrators are aware of any such code pieces.
Details are here:
https://blog.stefan-gossner.com/2020/09/25/trending-issue-after-installing-september-2020-cu-and-pu-custom-pages-and-controls-fail-to-render/
Just to be clear: this is not something that will be “fixed” as this is the expected behavior if this security fix is installed.
Cheers,
Stefan
Permalink
I am getting the same issue with Search Center and also in CA,
IN CA:
The base type ‘Microsoft.Office.Server.Search.Internal.UI.SearchAdministration’ is not allowed for this page. The type Microsoft.Office.Server.Search.Internal.UI.SearchAdministration, Microsoft.Office.Server.Search, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c could not be found or it is not registered as safe.
Search Center:
An error occurred during the processing of /_catalogs/masterpage/searchmain.aspx. Code blocks are not allowed in this file.
Anybody has good idea why is the reason behind this?
Permalink
Hi Milinda,
running the SharePoint configuration wizard should add the required entries to the web.config.
Cheers,
Stefan
Permalink
Hello, Stefan.
After installing the security updates recently, I can see the below error in our logs…..
System.Web.HttpException (0x80004005): The Controls collection cannot be modified because the control contains code blocks (i.e. ).
at System.Web.UI.ControlCollection.Add(Control child)
at Collaboris.Readership.Web.WebControls.RibbonManager.get_ContainerControl()
at Collaboris.Readership.Web.WebControls.RibbonManager.CreateChildControls()
Thanks, Ca.
Permalink
Hi Chris,
this is a side effect of a recent security fix:
https://blog.stefan-gossner.com/2020/09/25/trending-issue-after-installing-september-2020-cu-and-pu-custom-pages-and-controls-fail-to-render/
Cheers,
Stefan