Resolved: SharePoint 2010 Workflows Failing on SPSE After September 2025 CU

Introduction

A critical issue has been resolved where SharePoint 2010 workflows were failing on SharePoint Foundation 2010 (SPSE) after installing the September 2025 Cumulative Update (CU). This issue stemmed from a new Exploit Protection setting introduced in Windows.

Root Cause

The September 2025 CU added a new Exploit Protection setting that enhances security by applying protections to OWSTIMER.EXE. One of these protections prevents the creation of child processes. SharePoint 2010 workflows rely on the CSC.EXE compiler to compile workflow definitions, and this process was failing due to the new Exploit Protection setting.

Resolution

To resolve this issue, you need to disable the 'Prevent child process creation' option within the Exploit Protection settings. This can be achieved through the Registry Editor (regedit).

Registry Modification

Locate the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OWSTIMER.EXE\MitigationOptions

Set the MitigationOptions value to 200000000 (hexadecimal).

Warning: Incorrectly editing the registry can damage your system. It is recommended to back up the registry before making any changes.

Further Information

For more detailed information about this issue and its resolution, refer to Stefan Gossner's blog post.