close

Privacy guaranteed - Your email is not shared with anyone.

3rd party Windows XP fix for recent buggy security fix

Discussion in 'Tech Talk' started by Washington D.C., Apr 24, 2006.

  1. Washington D.C.

    Washington D.C.

    Joined:
    Oct 13, 2003
    Messages:
    5,218
    Likes Received:
    1
    Location:
    Woestyn Kusdorp
    http://claydawg.helpdesk.olemiss.edu/?p=90


    MS06-015/kb908531 Breaks IE, Office, Explorer

    April 21st, 2006

    I spent 2 hours on the phone with Microsoft this morning concerning this issue. We have many machines on our campus that are being affected by this patch and I decided it was time to get to the root of the problem. Some machines have the patch installed and are experiencing no problems, while others can barely function. It appears this problem is caused by installing this patch on systems with Hewlett Packard’s Share-to-Web software, nVidia shell extension GUID’s, Kerio Personal Firewall, Roxio DragToDisc / Adaptec DirectCD shell extension, or SolidWorkds 3D CAD products shell extension. In addition to this information, the engineer I spoke with was nice enough to email me the current registry workarounds for each problem. I asked him for a URL to this information and he said he didn’t have one because they were working on a hotfix and had not posted this on the web. So I am. Here’s the workaround information provided to me to help resolve this issue:





    Resolution 1. HEWLETT-PACKARD’s Share-to-Web software
    1. The Shell fix includes a white list - VERCLSID.EXE will not scan any extension that appears on this list, so adding the HP shell extension fixes the problem.

    The following REG file can be applied to problem systems and will correct the problem permanently:

    To manually enter the registry entries on a problem machine:

    a. Log on to the machine with an account with administrator privileges
    b. Goto Start ->Run
    c. Type Regedit and press enter.
    d. Navigate to
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
    e. Right Click and Select New -> DWORD Value with and enter the following:

    For Windows 2000, enter the following…
    {A4DF5659-0801-4A60-9607-1C48695EFDA9} {000214E6-0000-0000-C000-000000000046}

    For Windows XP or 2003, enter the following…
    {A4DF5659-0801-4A60-9607-1C48695EFDA9} {000214E6-0000-0000-C000-000000000046} 0×401

    f. Set the Data of this value to 1
    g. Close the Registry editor
    h. Reboot the computer

    Resolution 2. nVidia shell extension GUIDs

    The following REG file can be applied to problem systems and will correct the problem permanently:

    To manually enter the registry entries on a problem machine:

    a. Log on to the machine with an account with administrator privileges
    b. Goto Start ->Run
    c. Type Regedit and press enter.
    d. Navigate to
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
    e. Right Click and Select New -> DWORD Value with and enter the following:

    For Windows 2000, enter the following…

    {1e9b04fb-f9e5-4718-997b-b8da88302a47} {000214e8-0000-0000-c000-000000000046}
    {1e9b04fb-f9e5-4718-997b-b8da88302a48} {000214e8-0000-0000-c000-000000000046}
    {1cdb2949-8f65-4355-8456-263e7c208a5d} {000214e6-0000-0000-c000-000000000046}

    For Windows XP or 2003 enter the following…

    {1e9b04fb-f9e5-4718-997b-b8da88302a47} {000214e8-0000-0000-c000-000000000046} 0×401
    {1e9b04fb-f9e5-4718-997b-b8da88302a48} {000214e8-0000-0000-c000-000000000046} 0×401
    {1cdb2949-8f65-4355-8456-263e7c208a5d} {000214e6-0000-0000-c000-000000000046} 0×401


    f. Set the Data of each of these values to 1
    g. Close the Registry editor
    h. Reboot the computer

    Resolution 3. VERCLSID.EXE process flagged by Sunbelt Kerio Personal Firewall
    Note: There has been only one known report of this issue.
    Kerio Personal Firewall Users can configure Kerio to allow VERCLSID.EXE to execute without prompting

    The App Compat team is currently working with Kerio to request that they not flag VERCLSID.EXE.

    ========================================================
    Other problem GUIDs recently found:
    ========================================================

    Roxio DragToDisc / Adaptec DirectCD Shell Extension
    Windows XP / 2003
    {5e44e225-a408-11cf-b581-008029601108} {000214e8-0000-0000-c000-000000000046} 0×401
    Windows 2000:
    {5e44e225-a408-11cf-b581-008029601108} {000214e8-0000-0000-c000-000000000046}

    SolidWorks 3D CAD products shell extension
    Windows XP / 2003
    {ee386d18-e6d7-407e-8d3c-47c05e602199} {0000010b-0000-0000-c000-000000000046} 0×401
    Windows 2000:
    {ee386d18-e6d7-407e-8d3c-47c05e602199} {0000010b-0000-0000-c000-000000000046}

    —————————————————————————————————————————-

    I was unable to find this information anywhere and thought it would be good to share. I’m sure other people are experiencing the same problems we are. Maybe this information will help to overcome the problems caused by 908531.

    **I have made a patch for both 2000 and XP/2003 that will insert the registry values mentioned above.**
    –For Windows 2000, go to http://claydawg.helpdesk.olemiss.edu/reg-fix-2k.zip
    –For Windows XP/Server 2003, go to http://claydawg.helpdesk.olemiss.edu/reg-fix-xp.zip

    Posted in General, Work, Windows |
    You can leave a response, or trackback from your own site.
    3 Responses to “**UPDATE** MS06-015/kb908531 Breaks IE, Office, Explorer”

    1. ryanmetcalf Says:
    April 21st, 2006 at 6:19 pm

    Thanks!, the .bat for XP worked perfectly. Previously, I had had written a batfile to taskkill the VERCLSID.EXE instance everytime it would hang my computer. Glad it works without.
    2. rolandtignor Says:
    April 21st, 2006 at 7:08 pm

    Thanks for that info.
    We had problems with Excel. We would click on file then open
    and nothing would open up. I went through the processes in task manager and when I would bring up excel and then file then open I would see verclsid.exe process. So we renamed VERCLSID.EXE to
    VERCLSID.OLD That fixed our problem.
    All we have installed on the computer is HP print drivers for our networked laser printer and designjet.
    Nothing else in your list above.
    Thanks
    3. YDI99 Says:
    April 22nd, 2006 at 7:53 am

    Your batch worked perfectly. I spend hours & hours on this. I am running IE7 Beta 2. I thought that was the issue. My system became corrupt while uninstalling IE7 beta 2. So…..I ended up uninstalling Service pack two, & reinstalling several times. Managed to get the system back to normal, with IE7 beta 2 re-installed. Could not get a half dozen updates to install successfully until I ran your patch. A heartfelt thanks to you… The thing that really upsets me is I started with Microsoft Help page to begin with. Jay Leno said the other night “Jay metioned that Bill Gates met with the president of China & told him if he had any problems to call him directly… while all of us have to call India.”
     
  2. Ljunatic

    Ljunatic On The Fringe

    Joined:
    Oct 23, 2001
    Messages:
    1,034
    Likes Received:
    0
    Location:
    Lincoln, Nebraska
    Thanks:
    the bat file helped my machine too.

    I have both HP print drivers and Invidia display drivers.

    My issues were with weird results , intermittently ,when clicking a browser button and never knowing what, if anything , would pop up