Cumulative Security Update for Internet Explorer (KB3032359) causes iframe functionality to fail to display when using Workflow Builder. This prevents the developer from creating or editing workflows in the TRIRIGA Application. Further, none of the content in task properties displays for existing workflow templates, and the actions in the properties panel fail to function. Corrective patches are not available at this time, either from the browser developer or from IBM TRIRIGA. Potential remediation/workaround is to remove that KB item.
Ryan Koppelman: Quick update: Microsoft now has multiple cases of this issue being reported to them, and it is being moved to an escalation engineer to determine the next steps. We will have another update by the end of the week.
Ryan Koppelman: Microsoft has taken a business impact statement and are pursuing the escalation process to make a patch available for users; we do not yet know how this patch will be offered, if approved. It may be some time before the Microsoft team makes a decision on this. In the meantime, a code workaround has been suggested on our end and is being tested internally. Assuming testing continues to go well, we plan to include this workaround fix in our upcoming 220.127.116.11 and 18.104.22.168 fix packs that are targeted for the May timeframe. We do not have plans currently to include this in release streams prior to 3.3.2.x. Please contact IBM support for questions on this, as well as any requests for earlier limited availability fix packs on 3.3.2 or 3.4.1.
A client has identified the latest IE patch breaking TRIRIGA Workflow. For those who cannot upgrade TRIRIGA yet, and while having the latest KB# is helpful, it seems to be a moving target delivered each month with the monthly Cumulative security update for Internet Explorer that breaks the Workflow Builder and that they should look for. Based on the install dates (below), the client expects a new one for June within the next week. Until they can install the 22.214.171.124 fix pack or upgrade to 3.4.2, they will keep looking for the latest IE cumulative security update to uninstall.
- KB3032359 MS15-018: Cumulative security update for Internet Explorer: March 10, 2015
- KB3038314 MS15-032: Cumulative security update for Internet Explorer: April 14, 2015
- KB3049563 MS15-043: Cumulative security update for Internet Explorer: May 12, 2015
- KB3058515 MS15-056: Cumulative security update for Internet Explorer: June 9, 2015 [Added 06.15.15 by Admin]
As of today there are 4 different updates that break the functionality. The KB article numbers are listed as the names of the updates vary depending on which version of Internet Explorer is installed. However, the KB Article number is in the name. They are also listed by release date. The first was in March’s patch Tuesday release, followed by April, May, and June’s.
- KB3032359 (March 2015)
- KB3038314 (April 2015)
- KB3049563 (May 2015)
- KB3058515 (June 2015)
Technote: After Microsoft Security patches KB3032359, KB3038314 and KB3049563 deployment, IBM TRIRIGA Workflow Builder will fail to render task properties. This has been identified as a product defect under APAR IV71104 due to the Microsoft Security Patch change (KB3032359, KB3038314, and KB3049563), regarding Adobe SVG run. Future MS security patches may also cause this issue.
[Admin: Here’s the original alert, plus related posts by Ryan and Melanie. Additional contributors have reported similar issues with KB3038314, KB3042553, KB3045685, and KB3045999.]