Solved

Using the fix MSI for 972890 0-day exploit work around

Posted on 2009-07-08
6
907 Views
Last Modified: 2013-12-08
I see posts on applying the registry fixes using regedit /s via GPO startup script to apply this fix (http://support.microsoft.com/kb/972890).  What I'm wondering is why we can't just use the msi provided at the link about and install it via GPO's normal software distribution methods?
0
Comment
Question by:Rignes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24804951
The .msi fails to install because of the user prompts, you need to install it with command line silent switches
 

set SEE_MASK_NOZONECHECKS=1
MicrosoftFixit50287.msi /passive /quiet /norestart set SEE_MASK_NOZONECHECKS=0
0
 

Author Comment

by:Rignes
ID: 24805454
Thanks for the suggestion.  I should probably state my goal more clearly.

What I want to do is deploy this workaround via GPO to all of my workstations and then be able to pull the changed out when there is an official fix released.  I found the attached reg file with the suggestion of using regedit /s \\path\to\regfile to import it using a start up script.  That's fine and good but I don't know how to remove the registry changes using a .reg file.

I seem to have half the answer, would you be willing to point me to a resource on how to delete specific keys by simply importing a reg file via regedit /s?

Thanks for you help.  You would think Microsoft would make this easier. :P
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}]
"Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}]
"Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}]
 "Compatibility Flags"=dword:00000400
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}]
 "Compatibility Flags"=dword:00000400

Open in new window

0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 300 total points
ID: 24805633
2 things
 
1. You dont want to delete these keys, they are only getting modified
2. for future reference you would just put a "-" in front of  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]

like so
-[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]

I would just export the "ActiveX Compatibility" key and use this to import in the future to set the settings back
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 

Expert Comment

by:ocacadmin
ID: 24806361
I might be wrong but can't you just run the "unfixer"?

There are two files msi links on the KB article here:

http://support.microsoft.com/kb/972890

MicrosoftFixit50287.msi  = Fixer
MicrosoftFixit50288.msi = Fix remover

A fixer and an unfixer that removes the fix. Couldn't you just run them each at the correct time with the silent switch and be done with it?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24806872
all the suggested ways would work
0
 

Author Closing Comment

by:Rignes
ID: 31601275
You know, I've read that you don't have to delete them but if you use ORCA to view the registry changes made by the msi Microsoft released to disable the work around it actually deletes the keys.  I've done a diff comparison of the registry before and after and found that the Enabling msi adds the keys and then disabling one actually deletes them.

That's the primary reason why I wanted to know how to delete the keys since I wanted to replicate what the msi does.

I just made necessary reg files and am going to use startup scripts in a GPO to get the changes out to the clients.

Thanks. ;)
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem with Internet Explorer 8 7 35
Secure Website 5 36
Exchange, OWA, PROXY 7 59
Active Directory Replication 1 13
In-place Upgrading Dirsync to Azure AD Connect
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question