Malformed Element Signature in XML in Windows Server 2016 Build 14393.4046

Jean-Paul MESGUEN 26 Reputation points
2020-12-01T13:38:36.31+00:00

We try to use an old app on Windows Server 2016 build 14393.4046
Our app gets an exception when executing SignedXML.LoadXML(Element) => "Malformed Element Signature".
The problem appeared with Update KB4103723
=> Our app works fine on Windows Server 2016 build 14393.2248

Do anybody know how to solve this problem ?

Visual Studio
Visual Studio
A family of Microsoft suites of integrated development tools for building applications for Windows, the web and mobile devices.
4,853 questions
0 comments No comments
{count} votes

Accepted answer
  1. Tianyu Sun-MSFT 29,186 Reputation points Microsoft Vendor
    2020-12-02T06:53:51.683+00:00

    Hi @Jean-Paul MESGUEN ,

    Thank you for taking time to post this issue in Microsoft Q&A forum.

    It seems there are some compatible issues between your application and the Windows Server 2016 build 14393.4046 version. I am not sure what type of application you are using, but I suggest:

    1). Check both the Improvements and fixes and the Known issues in this update notes of KB4586830 and KB4103723.

    2). If possible, check the codes of the app, if there are some incompatible issues mentioned in official notes please try to change(improve) the codes of app, or, actually, I noticed that it is an old app, so maybe this app is developed and released by other company, you can communicate with the developers(authors or the related company) to seek for a professional update or fix.

    3). Send a Feedback to Windows. Search Feedback Hub in Windows Search Box and send feedback to Windows.

    4). As a temporary workaround, you can try to uninstall the KB package that you updated, and try to resolve the issues which may be hidden in the application first, then install the newer KB package.

    Best Regards,
    Tianyu

    • If the answer is helpful, please click "Accept Answer" and upvote it.
      Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Jean-Paul MESGUEN 26 Reputation points
    2020-12-02T07:16:54.017+00:00

    Hi,
    Thanks for your reply,
    We found the problem.
    Since KB4103723, the Framework seems to verify more strictly the conformity of xml elements to schemas. We think this is linked with CVE-2018-0765 correction.
    In our case, the signature schema is http://www.w3.org/2000/09/xmldsig#
    The 2nd app (creating the XML) inserts an extra element in the signature and it worked fine for years in our app.
    Now, our app rejects this file as this extra element in unexpected in a signature.
    We have to modify the 2nd app.

    1 person found this answer helpful.
    0 comments No comments