14 DAY TRIAL // A change in Windows' complex and interconnected architecture of components can easily reverberate throughout the operating system. It is the case of the Critical Microsoft Security Bulletin MS09-010, a security update designed to deal with vulnerabilities in WordPad and Office Text Converters which could allow remote code execution in the eventuality of a successful exploit. Although the flaws reside in WordPad and Office text converters, applying the patch managed to cause installations of Service pack 3 for Windows XP to fail. Effectively, attempting to install Windows XP Service Pack 3 via Windows Server Update Services is unsuccessful and the user is returned the following errors 0x8007f00d or 0x8007f02b.
“This can happen if the workaround for MS09-010 was applied to the client machines adding deny permission to file C:\program files\windows nt\accessories\mswrd8.wpc. This causes the WSUS installation to fail because we’re unable to access the file and update it. When trying to install SP3 manually (not using the Quiet switch), it causes an error reading the file above, prompting for a source to update the file or to skip the file. Since WSUS installs SP3 in quiet mode, the installation fails because it never prompts the user for file it's trying to update,” explained Joao Madureira, WSUS support engineer.
Resolving this issue involves going against MS09-01. In this regard, end users will need to open up access to C:\program files\windows nt\accessories\mswrd8.wpc, which was blocked by the security update released in April 2009, and updated in June.
“The resolution of course is to grant permission to the file. The easiest way to do this is via a batch file, which is what we did, containing the following line: Echo y| cacls %programfiles%\windows nt\accessories\ /T /P Everyone:C. Once this batch file runs on the target, it changes the permissions of the file in question, thus allowing SP3 to install successfully,” Madureira explained.