Microsoft KB4340558 (July 10, 2018) Breaks ExCM’s SharePoint 2013 FBA SignIn.aspx page

Customers of Extranet Collaboration Manager for SharePoint 2013 need to be aware that the July 10, 2018 patches discussed in Microsoft KB4340588 will cause ExCM’s forms-based authentication SignIn.aspx page to break.  The result will be that users experience a 403 Forbidden error message when attempting to sign in to an extranet site:

image
The only solution to the problem as of this initial writing (July 19, 2018) is to uninstall the associated Windows Server patches.

For Windows Server 2012 R2, these two patches are the ones that need to be uninstalled:
image

KB4338424

KB4338419

Note:  KB4340558 is a rollup patch that contains KB4338424 and KB4338419.  It will be labeled in Windows Update like this:

image

So, while KB4340558 is the patch that gets INSTALLED initially, to remove it you actually UNINSTALL KB4338424 and KB4338419.

Also, be aware that on other versions of Windows Server, the patches may have different KB numbers.

At this time, it is unclear what changes to the .NET Framework were made by Microsoft in these patches that cause the ExCM FBA Sign In page to not work properly.  The description that Microsoft provides of the patches does not give any information that would lead us to believe that the ExCM page would no longer work after applying the Windows Server patches.

Our team is investigating the problem further to try to narrow down what may have changed to the .NET Framework in KB4340558 that has impacted ExCM.  We will update this post when we know more details.

Finally, our testing of Extranet Collaboration Manager for SharePoint 2016 indicates that this Microsoft patch DOES NOT cause the same problem.  ExCM 2016 customers should not be affected, therefore.  Also, this fact leads us to believe that it is possible that the root cause of the problem is that the patch actually breaks SharePoint 2013’s built-in feature that supports custom FBA Sign In pages in general, regardless of whether it is ExCM’s custom FBA Sign In pages or someone else’s.  From SharePoint 2013 Central Administration, this is the particular feature we are referring to:

image

from SharePoint Solutions Blog https://ift.tt/2mtTNOn
via IFTTT