[Dshield] Help! Can no longer install programs - Related toSecurity updates?

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Mon Jan 22 12:12:24 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Adrian et al.

Thanks for prompt response.

Unluckily, could find no evidence of loss of integrity regarding the
privileges of SYSTEM or the Administrative Users Group on this system.

The following have full control over the installation/setup executable file:
- - A limited user account (the executable resides in this user account's
Own Files)
- - The Administrative Users Group
- - SYSTEM
[- even added the (renamed) Admin account explicitly with full control,
but it had no impact, installation/open file attempts fail as reported
originally]

The following have full control over the root (drive):
- - The Administrative Users Group (This Folder, Subfolders and Files)
- - Creator-Owner (Only Subfolders and Files)
- - SYSTEM (This Folder, Subfolders and Files)
[- even added the (renamed) Admin account explicitly with full control
(This Folder, Subfolders and Files), but it had no impact,
installation/open file attempts fail as reported originally]

The following have Read/Execute permission over the root (drive):
- - Authenticated Users (Only this folder)

The following have full control over the WINDOWS directory:
- - The Administrative Users Group (This Folder, Subfolders and Files)
- - Creator-Owner (Only Subfolders and Files)
- - SYSTEM (This Folder, Subfolders and Files)
[- even added the (renamed) Admin account explicitly with full control
(This Folder, Subfolders and Files), but it had no impact,
installation/open file attempts fail as reported originally]

The following have Modify permissions over the WINDOWS directory:
- - Power Users (This Folder, Subfolders and Files)

The following have Read/Execute permission over the WINDOWS directory:
- - Authenticated Users (This Folder, Subfolders and Files)

BTW, I have set up Explorer and Desktop running as separate processes on
this system, but figure that it is less significant, since that is not
the case with the other system where the same problem occurred. I have
in addition tried to open the installation/setup executable file also
via the Run As (using the renamed Admin account as user name), but the
attempts fail in the same error prompt. I have even launched Explorer
the same way; Run As (using the renamed Admin account as user name), but
the attempts fail in the same error prompt, when attempting to open the
executable installation/setup file.

On the other system, I managed to install the software after having
played long enough with the path name. Essentially, I shortened the
pathname long enough, and finally managed to run the executable.
However, not sure, whether it was only coincidental, since similar
attempts do not solve the issue on this other system.

Would appreciate all ideas and suggestions.

Thanks in advance for possible help.

- - Pete



22.1.2007 4:34 (UTC+2), Adrian Sanabria kirjoitti/wrote:
> I know it was a vague question, but I've had cases where the "system"
> account mysteriously disappeared from files. Makes for all kinds of exciting
> OS behavior. That's all I can think of.
> 
> --Adrian
> 
> On 1/21/07, adrian.sanabria at gmail.com <adrian.sanabria at gmail.com> wrote:
>> What are the permissions (local) on the file?
>>
>> Sent via BlackBerry from Cingular Wireless
>>
>> -----Original Message-----
>> From: Peter Stendahl-Juvonen <peter.stendahl-juvonen at welho.com>
>> Date: Sun, 21 Jan 2007 16:41:41
>> To:General DShield Discussion List <list at lists.dshield.org>
>> Subject: [Dshield] Help! Can no longer install programs - Related to
>>         Security updates?
>>
> Help! Can no longer install programs - Related to Security updates?
> 
> Would the distinguished subscribers to this awesome list, please kindly
> help by pointing into correct direction in the following dilemma?
> 
> (The experienced issue made it possible to manually install, e.g. a
> security patch, so it is at least that way related to security [patches]
> as well. ;-)
> 
> I have encountered the following issue on two systems (after having
> automatically applied the latest security updates).
> 
> Both systems are fully patched up-to-date WXP Pro systems (with a
> nationalized Finnish version [of O/S] and GUI).
> 
> I have changed the name of the Admin account (from default) on both
> systems, and attempt to execute the installation/setup file; signed on
> the Admin account, witch has (by default) full administrative privileges.
> 
> When I attempt to run the installation/setup file, receive the following
> prompt (direct translation from Finnish into English):
> 
> "[Full path name]
> Windows cannot use the specified device, path or file. You may not have
> the required privileges.
> [OK]"
> 
> Nothing logged into the security log.
> 
> So, it now appears I cannot install any programs on these systems,
> before the issue is solved.
> 
> Has anyone experienced the same or similar?
> 
> Do you have idea(s), what might cause the issue, and how to correct the
> situation? Might it relate to MS security patches?
> 
> Thanks for any pointers into the right direction.
> 
> 
> - Pete
> 
> 
>                 "A prudent question is one-half of wisdom."
>       Francis Bacon (1561-1626); English philosopher, statesman.
> 
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFtKooQ21KCihDnSQRAoZ6AJ9mMKYdmG6J6INBKEr60Jslhzk5RQCfcFET
9FUBRTdT7z/S6cR7jb9ZbOs=
=8Sgj
-----END PGP SIGNATURE-----


More information about the list mailing list