Recently Microsoft has released the September 2018 .NET Framework security updates to resolve CVE-2018-8421 (.NET Framework Remote Code Execution Vulnerability). When this update is applied to SharePoint on-premises environments, all SharePoint out-of-the-box and Nintex workflows will be impacted and may not run or fail to publish.
Workflow Foundation will only run SharePoint workflows when all dependent types and assemblies are authorized in the .NET config file so when this .net Framework security update is applied, some types that are used by SharePoint and Nintex workflow that were not previously required are now required.
You are impacted if you have applied the following .NET Framework security update to your SharePoint environment including 2007, 2010, 2013 and 2016. The following errors while using Nintex Workflows would have been encountered when executing or publishing workflows.
Microsoft has suggested a workaround, which is to add explicitly the types to all web application’s web.config and OWSTIMER.exe.config.
Refer to the following post which contains detailed steps of the workaround for Nintex workflows under the Additional Information section:
For SharePoint workflows, please refer to this Microsoft post: https://support.microsoft.com/en-us/help/4465015/sharepoint-workflows-stop-after-cve-2018-8421-secur...
We advise to reach out to Microsoft Support.