With September 2022 CU/PU additional steps might be required to prevent unexpected problems after applying the updates.
The following information is included in the KB articles for SharePoint 2013, 2016, 2019 and Subscription Edition:
Known issues in this update
- Some Web Part Pages Web Service methods may be affected after you apply the September 2022 security update. For more information, see Web Part Pages Web Service methods may be blocked after applying the September 2022 security update for SharePoint Server (KB5017733).
- Some SharePoint 2010 workflow scenarios may be blocked. For more information, see SharePoint 2010 workflows may be blocked by enhanced security policy (KB5017760).
- This security update introduces a change in SharePoint Server that will affect customers who use the Document Generation capability in Nintex Workflow. Nintex Workflow customers must take additional action after this security update is installed to make sure that workflows can be published and run. For more information, see https://go.microsoft.com/fwlink/?LinkId=2206156. For support for Nintex Workflow, contact Nintex.
Important: we recommend to evaluate all SharePoint updates in a test environment against all business critical functions and processes before applying in production as SharePoint fixes cannot be uninstalled.
More details in my blog post about SharePoint Patching Best Practices.
Permalink
Stefan, do the first two issues mainly apply if you have code based custom solutions deployed in your farm or can they also impact out of the box items as well. Thanks in advance for your response.
-Daniel
Permalink
The main purpose is to address issues with custom solutions. I do not have sufficient information to confirm whether or not there are scenarios which include only out of the box controls/actions that can lead to the problem.
Permalink
Stefan,
Microsoft did not describe what they were blocking. Microsoft has a many administrators on edge because of this patch and there is a history of poor communications in these patch. I think it would be appropriate for you to look into this.
The last time this happened another Microsoft Employee created a PowerShell script to fix this. I am not suggesting that he or you do that but without DETAILS of what is being blocked we as administrators cannot be prepared to fix this potential issue. The solution is not to us to spend more monies to open up a ticket with support, the solution is for Microsoft to provide information so we can be prepared to take action.
Permalink
Hi Gene, I just started a 3 week vacation – so I am not able to look into this right now. If you need clarification I would suggest to open a ticket with Microsoft support.
Permalink
Hello Stefan,
thank you for the Information provided here.
As we are involved in many Clients with SharePoint 2019 and their Patching Process I like to know:
Is it planed to provide the recommended Changes ( Web.Config ) in the Future – May be in October 2022?
Background …
Some of our Customer are having many Web-Applications … and with this there are lot’s of Config-Files ( Web.Config ). I remember some security Issues where we need to update a large amount of Config-Files “by hand” … One or two months later a PowerShell-Script was added or included.
With best regards
Stefan Schwarz
Permalink
There is currently no plan to provide a PowerShell script.
Permalink
Hi Stefan, about the “by hand” part: it is recommended to add the required information using the SPWebConfigModification class to the web.config to ensure that the info is persisted and automatically applied on all servers in the farm.
Permalink
Will the web.config update be included in the October or November CU?
Permalink
The required updates depend on the 3rd party components you are using. These have to be added by each customers individually.
Permalink
So are you saying that if no third party components are used, all three known issues can be ignored?
Permalink
Hi Stefan, is this KB5017733 only included in the CU, not in the PU, which is provided by windows updates? Best regards, Michael
Permalink
Hi Michael,
this known issue applies as well to the PU and the CU.
Cheers,
Stefan
Permalink
Hello Stefan,
I dont seem to find the CU September patch for SharePoint 2019 Enterprise. Was this patch released?
Thank you Stefan
Permalink
Hi Osamah,
see here: https://blog.stefan-gossner.com/2022/09/13/september-2022-cu-for-sharepoint-server-2019-is-available-for-download/
Cheers,
Stefan
Permalink
After September sharepoint 2016 patch installation we got below error from sharepoint designer workflows 2010
(-1, -1) Compilation failed. Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)))
all the OOB workflows are failed on start
Permalink
Hi Venkat,
has the configuration wizard been run after installing the fix?
If yes, I would recommend to open a ticket with Microsoft support to get this analyzed.
Cheers,
Stefan
Permalink
Thanks Stefan
Thanks Stefan
Permalink
Hi!
So if I understand this correctly these issue only affect custom solution, e.g. workflows developed in Visual stuidio? I only use SharePoint Designer out-of-the-box functionality in my SharePoint farm so shouldnt be affected right? Im a bit inexperienced as an administrator so any “issue” makes me cautious.
Thanks in advanced!
Permalink
That is correct. But as always: SharePoint fixes should be evaluated in a test environment before applying in production against business critical functionality as it is impossible to uninstall them.
Cheers,
Stefan
Permalink
Alright, thank you for quick response! 🙂
Permalink
Hi, Have installed the patch in a SP2019 with SP2010-Workflows.
All of sudden, my workflows are not able to retrieve information from UserProfile (Manager + Job Title)
I don’t really see the straight forward solution in the workaround from MS:
Some SharePoint 2010 workflow scenarios may be blocked. For more information, see SharePoint 2010 workflows may be blocked by enhanced security policy (KB5017760).