Problem with fixlet MS08-018

(imported topic written by dunk63)

I have a problem with fixlet MS08-018: Vulnerability in Microsoft Project Could Allow Remote Code Execution - Project 2002 SP1. I applied the patch and it completes and then states failed. I have tracked it to the relevance; see below.

exists file "Blnmgr.dll" whose (version of it < ") of it) of parent folder of regapp "winproj.exe" whose (version of it = "10")

My systems have the file but ver. 10.0.2607.0 after the patch has been installed. I even uninstalled the patch from the Control Panel and downloaded the patch from Microsoft, and still this file does not change. Is there something I’m missing?

Thanks in advance.

(imported comment written by rwest23)

Hello,

While our file version checks are in line with the Microsoft Knowledge Base article pertaining to that bulletin (http://support.microsoft.com/?kbid=949005) and our initial tests checked out, it’s very possible that your systems are configured differently than our test systems. We will attempt to reproduce the issue, but in the meantime can you provide us with any further information about your system configurations? Specifically, please provide your OS and SP level as well as Project version. The following queries might help:

q: (name of it, service pack major version of it, x64 of it) of operating system

q: (name of it, value "DisplayName" of it, value "DisplayVersion" of it) of keys whose (name of it ends with "6000-11D3-8CFE-0050048383C9}") of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of registry

q: if (exists keys whose ((value "DisplayName" of it as string as lowercase contains "microsoft") AND (value "DisplayName" of it as string contains "Project")) of keys "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry) then ((unique values of ((value "DisplayName" of it as string) of (keys whose ((value "DisplayName" of it as string as lowercase contains "microsoft") AND (value "DisplayName" of it as string contains "Project")) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry)))) else "N/A"

Note that we do not support systems with multiple versions of MS Office products installed. Thank you.

- Randy

(imported comment written by dunk63)

Here is what I got with your queries.

q: (name of it, service pack major version of it, x64 of it) of operating system

A: WinXP, 2, False

q: (name of it, value "DisplayName" of it, value "DisplayVersion" of it) of keys whose (name of it ends with "6000-11D3-8CFE-0050048383C9}") of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of registry

A: {90110409-6000-11D3-8CFE-0050048383C9}, Microsoft Office XP Professional, 10.0.6626.0

A: {90170409-6000-11D3-8CFE-0050048383C9}, Microsoft FrontPage 2002, 10.0.6626.0

A: {903A0409-6000-11D3-8CFE-0050048383C9}, Microsoft Project Standard 2002, 10.0.8326.0

q: (name of it, value "DisplayName" of it, value "DisplayVersion" of it) of keys whose (name of it ends with "6000-11D3-8CFE-0050048383C9}") of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of registry

A: {90110409-6000-11D3-8CFE-0050048383C9}, Microsoft Office XP Professional, 10.0.6626.0

A: {90170409-6000-11D3-8CFE-0050048383C9}, Microsoft FrontPage 2002, 10.0.6626.0

A: {903A0409-6000-11D3-8CFE-0050048383C9}, Microsoft Project Standard 2002, 10.0.8326.0

q: if (exists keys whose ((value "DisplayName" of it as string as lowercase contains "microsoft") AND (value "DisplayName" of it as string contains "Project")) of keys "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry) then ((unique values of ((value "DisplayName" of it as string) of (keys whose ((value "DisplayName" of it as string as lowercase contains "microsoft") AND (value "DisplayName" of it as string contains "Project")) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry)))) else "N/A"

A: Microsoft Project Standard 2002

Does this help?

(imported comment written by rwest23)

Unfortunately I haven’t been able to reproduce the issue that you are having. After installing Office XP Pro, FrontPage 2002, and Project 2002 Std at the appropriate service pack levels, my version of the file “Blnmgr.dll” was always already at “10.0.3409.0,” and after the patch was complete it was always at “10.0.6712.0.”

Although I can’t reproduce the issue, I can give you a probable explanation. Many Office products use shared components, and the most recently installed product seems to associate itself with these components in a way that prevents them from being updated by patches for other products. This is exactly why BigFix does not support systems with multiple Office installations since determining which files will be updated for a given patch becomes an extremely complicated task that requires knowledge of all installed products and their installation order.

While we will not be updating our published fixlet, it’s very likely that you can successfully deploy the patch in question on your systems by removing the check for Blnmgr.dll. I’ve attached a .bes file (which you can import using File->Import from the BES Console) with exactly that change. Please let us know how that goes.

EDIT: Sorry, attachments don’t seem to be working for some reason… Please use this link instead.
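
An added example, not part of the thread and not BigFix code: the Python below parses the Uninstall-key answers dunk63 posted, flags the multi-product Office configuration rwest23 describes, and compares the observed Blnmgr.dll version numerically against a patched version. The value 10.0.6712.0 is an assumption taken from the post-patch version rwest23 reported (the fixlet's own threshold is cut off in the original post), and all function names are hypothetical.

```python
import re

# Answers to the Uninstall-key query, copied from the thread.
ANSWERS = """\
A: {90110409-6000-11D3-8CFE-0050048383C9}, Microsoft Office XP Professional, 10.0.6626.0
A: {90170409-6000-11D3-8CFE-0050048383C9}, Microsoft FrontPage 2002, 10.0.6626.0
A: {903A0409-6000-11D3-8CFE-0050048383C9}, Microsoft Project Standard 2002, 10.0.8326.0
"""

# GUID suffix used by the query in the thread to select Office XP family products.
OFFICE_SUFFIX = "6000-11D3-8CFE-0050048383C9}"
# Assumption: post-patch Blnmgr.dll version seen on the responder's test system.
ASSUMED_PATCHED = "10.0.6712.0"

ANSWER_RE = re.compile(r"^A:\s*(\{[0-9A-Fa-f-]+\}),\s*(.+),\s*([\d.]+)\s*$")


def parse_version(text):
    """'10.0.2607.0' -> (10, 0, 2607, 0), so fields compare as numbers."""
    return tuple(int(part) for part in text.split("."))


def parse_answers(text):
    """Return the Office-family products listed in the query answers."""
    products = []
    for line in text.splitlines():
        m = ANSWER_RE.match(line.strip())
        if m and m.group(1).upper().endswith(OFFICE_SUFFIX):
            products.append(
                {"guid": m.group(1), "name": m.group(2), "version": m.group(3)}
            )
    return products


def assess(products, observed_file_version, patched=ASSUMED_PATCHED):
    """List the reasons a file-version check may keep reporting 'failed'."""
    findings = []
    if len(products) > 1:
        names = ", ".join(p["name"] for p in products)
        findings.append("multiple Office products share components: " + names)
    if parse_version(observed_file_version) < parse_version(patched):
        findings.append(
            "Blnmgr.dll %s is below %s" % (observed_file_version, patched)
        )
    return findings


if __name__ == "__main__":
    for finding in assess(parse_answers(ANSWERS), "10.0.2607.0"):
        print(finding)
```
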