Solved

Using the fix MSI for 972890 0-day exploit work around

Posted on 2009-07-08
6
901 Views
Last Modified: 2013-12-08
I see posts on applying the registry fixes using regedit /s via GPO startup script to apply this fix (http://support.microsoft.com/kb/972890).  What I'm wondering is why we can't just use the msi provided at the link about and install it via GPO's normal software distribution methods?
0
Comment
Question by:Rignes
  • 3
  • 2
6 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24804951
The .msi fails to install because of the user prompts, you need to install it with command line silent switches
 

set SEE_MASK_NOZONECHECKS=1
MicrosoftFixit50287.msi /passive /quiet /norestart set SEE_MASK_NOZONECHECKS=0
0
 

Author Comment

by:Rignes
ID: 24805454
Thanks for the suggestion.  I should probably state my goal more clearly.

What I want to do is deploy this workaround via GPO to all of my workstations and then be able to pull the changed out when there is an official fix released.  I found the attached reg file with the suggestion of using regedit /s \\path\to\regfile to import it using a start up script.  That's fine and good but I don't know how to remove the registry changes using a .reg file.

I seem to have half the answer, would you be willing to point me to a resource on how to delete specific keys by simply importing a reg file via regedit /s?

Thanks for you help.  You would think Microsoft would make this easier. :P
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}]

"Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}]

"Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}]

 "Compatibility Flags"=dword:00000400

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}]

 "Compatibility Flags"=dword:00000400

Open in new window

0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 300 total points
ID: 24805633
2 things
 
1. You dont want to delete these keys, they are only getting modified
2. for future reference you would just put a "-" in front of  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]

like so
-[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]

I would just export the "ActiveX Compatibility" key and use this to import in the future to set the settings back
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Expert Comment

by:ocacadmin
ID: 24806361
I might be wrong but can't you just run the "unfixer"?

There are two files msi links on the KB article here:

http://support.microsoft.com/kb/972890

MicrosoftFixit50287.msi  = Fixer
MicrosoftFixit50288.msi = Fix remover

A fixer and an unfixer that removes the fix. Couldn't you just run them each at the correct time with the silent switch and be done with it?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24806872
all the suggested ways would work
0
 

Author Closing Comment

by:Rignes
ID: 31601275
You know, I've read that you don't have to delete them but if you use ORCA to view the registry changes made by the msi Microsoft released to disable the work around it actually deletes the keys.  I've done a diff comparison of the registry before and after and found that the Enabling msi adds the keys and then disabling one actually deletes them.

That's the primary reason why I wanted to know how to delete the keys since I wanted to replicate what the msi does.

I just made necessary reg files and am going to use startup scripts in a GPO to get the changes out to the clients.

Thanks. ;)
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now