Solved

Microsoft Fix It 50287 Will not deploy from Group Policy

Posted on 2009-07-07
8
4,150 Views
Last Modified: 2012-06-27
Is anyone else having any issues getting the Microsoft Fix It MSI package to deploy via Group Policy?  

http://support.microsoft.com/kb/972890

I know the GPO is working properly, as other software packages install, I just tested by uninstalling the Office 2007 Compatibility Pack and rebooted, and the policy reinstalled that package.  However, the MS Fix It MSI will not run.  The MSI package is in a shared folder, and authenticated users have proper permissions to access the installation.

0
Comment
Question by:forthphaze
8 Comments
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 24795246
how many systems do you normally deploy to - might be a good idea to look at using WSUS server services to deploy your patches, saves cluttering up your GPO, and slowing down your system boot/start-up times.
0
 

Expert Comment

by:theflycore
ID: 24795587
no wsus patch available at this time Iainix. Zero day security issue.

forthphase, we're having problems too. Won't deploy.  
0
 
LVL 47

Accepted Solution

by:
dstewartjr earned 500 total points
ID: 24796647
Try using the suggested  workaround, which involves importing a registry edit.
save below as activex.reg and save to a share
then add this line to a startup script .BAT file
 
regedit /s \\server\share\activex.reg
 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}]

"Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}]

"Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}]

 "Compatibility Flags"=dword:00000400
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}]

 "Compatibility Flags"=dword:00000400

Open in new window

0
 

Expert Comment

by:tpgrpit
ID: 24797533
What is the error you get when installing the MSI package?  

When I attempt to role this out, I get the following in event logger.

"The assignment of application Microsoft Fix it 50287 from policy Update for Workstations failed.  The error was : Fatal error during installation. "
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 1

Author Closing Comment

by:forthphaze
ID: 31600640
Worked perfectly, thanks.  I'm still curious as to why the MSI won't run via GP though..
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 24804211
Try the following switches(in a .bat)

set SEE_MASK_NOZONECHECKS=1
MicrosoftFixit50287.msi /passive /quiet /norestart set SEE_MASK_NOZONECHECKS=0
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 24804457
Keep up the good work guys.  I haven't been around here in a couple years, but reference expertsexchange all the time.

Here's where I've been lately and what I have to say about this zero day and how to protect yourself.
http://community.spiceworks.com/topic/71312?page=1#entry-181505.  Essentially I block NTFS access to msvidctl.dll...otherwise when the patch comes out you'll have to create another registry file to reverse the entries you introduced.  Some video playback functionality may fail otherwise.

@IainNIX:This is a ZERO DAY which means no patch.  No patch... no wsus.
0
 

Expert Comment

by:mikemos
ID: 24854319
Just a comment:

Pushing thru group policy worked fine for me.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
Step by step guide to Clean and Sort your windows registry! Introduction: Always remember: A Clean registry = Better performance = Save your invaluable time In this article we're going to clear our registry manually! Yes, manually! The e…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now