Microsoft Security Advisory (950627) - Help

So, as requested in this advisory, I entered the command line on one of the
computers here to disable the jet database engine:

Caution, read the rest of this post before entering this line...
echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /P everyone:N

So, that sets it as it should.

Come to find out, some of the programs on the computer require the access to
that specific .dll. Fine. I'll re-enable it using the instructions also
listed an undo procedure... the advisory states to enter:

echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /R everyone

I get "Access Denied".

Anyone have a suggestion on how to re-enable the msjet40.dll?

"KC" wrote:

So, as requested in this advisory, I entered the command line on one of the
computers here to disable the jet database engine:

Caution, read the rest of this post before entering this line...
echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /P everyone:N

So, that sets it as it should.

Come to find out, some of the programs on the computer require the access to
that specific .dll. Fine. I'll re-enable it using the instructions also
listed an undo procedure... the advisory states to enter:

echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /R everyone

I get "Access Denied".

Anyone have a suggestion on how to re-enable the msjet40.dll?


I'm afraid your system may be compromised or you messed it up!.
Did you tried the |keys in the registry to adjust to loosen its grip a
little bit?.
Read the info he
Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code
Execution
http://www.microsoft.com/technet/sec...ry/950627.mspx

http://office.microsoft.com/en-us/ac...321681033.aspx
http://office.microsoft.com/en-us/ac...321611033.aspx

Thanks for the links. The 1st one is the exact tech note that tells one to
disable the Jet Engine and how to re-enable on the WorkArounds.

The others do not mention what happens or how to fix when the re-enabling
fails.

I am 99.9% sure this drive was not compromised. Why? It's never been hooked
up to the internet. Yet, mandates from upon high (management) say 'you have
to disable this'. (Ridiculous if you ask me, that one has to do things for
computers to prevent it from attack when it'll never be effected through the
internet or e-mail).

Yet, also, no one around here where I'm located knows how to re-enable it.



"nass" wrote:



"KC" wrote:

So, as requested in this advisory, I entered the command line on one of the
computers here to disable the jet database engine:

Caution, read the rest of this post before entering this line...
echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /P everyone:N

So, that sets it as it should.

Come to find out, some of the programs on the computer require the access to
that specific .dll. Fine. I'll re-enable it using the instructions also
listed an undo procedure... the advisory states to enter:

echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /R everyone

I get "Access Denied".

Anyone have a suggestion on how to re-enable the msjet40.dll?


I'm afraid your system may be compromised or you messed it up!.
Did you tried the |keys in the registry to adjust to loosen its grip a
little bit?.
Read the info he
Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code
Execution
http://www.microsoft.com/technet/sec...ry/950627.mspx

http://office.microsoft.com/en-us/ac...321681033.aspx
http://office.microsoft.com/en-us/ac...321611033.aspx

The fix:

Copied the .dll from another machine (same version) onto a CD.
Started the 'broken' machine in SafeMode/CommandPrompt.

Deleted the 'broken' .dll then copied the new one to the same location.
Rebooted. Viola. Works fine.

Gah.

"KC" wrote:

Thanks for the links. The 1st one is the exact tech note that tells one to
disable the Jet Engine and how to re-enable on the WorkArounds.

The others do not mention what happens or how to fix when the re-enabling
fails.

I am 99.9% sure this drive was not compromised. Why? It's never been hooked
up to the internet. Yet, mandates from upon high (management) say 'you have
to disable this'. (Ridiculous if you ask me, that one has to do things for
computers to prevent it from attack when it'll never be effected through the
internet or e-mail).

Yet, also, no one around here where I'm located knows how to re-enable it.



"nass" wrote:



"KC" wrote:

So, as requested in this advisory, I entered the command line on one of the
computers here to disable the jet database engine:

Caution, read the rest of this post before entering this line...
echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /P everyone:N

So, that sets it as it should.

Come to find out, some of the programs on the computer require the access to
that specific .dll. Fine. I'll re-enable it using the instructions also
listed an undo procedure... the advisory states to enter:

echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /R everyone

I get "Access Denied".

Anyone have a suggestion on how to re-enable the msjet40.dll?


I'm afraid your system may be compromised or you messed it up!.
Did you tried the |keys in the registry to adjust to loosen its grip a
little bit?.
Read the info he
Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code
Execution
http://www.microsoft.com/technet/sec...ry/950627.mspx

http://office.microsoft.com/en-us/ac...321681033.aspx
http://office.microsoft.com/en-us/ac...321611033.aspx

Hi KC,
Glad you got it sorted and thanks for these valuable info and sharing it
with us.
Much appreciated.
Good luck.
nass
---
http://www.nasstec.co.uk

"KC" wrote:

The fix:

Copied the .dll from another machine (same version) onto a CD.
Started the 'broken' machine in SafeMode/CommandPrompt.

Deleted the 'broken' .dll then copied the new one to the same location.
Rebooted. Viola. Works fine.

Gah.

"KC" wrote:

Thanks for the links. The 1st one is the exact tech note that tells one to
disable the Jet Engine and how to re-enable on the WorkArounds.

The others do not mention what happens or how to fix when the re-enabling
fails.

I am 99.9% sure this drive was not compromised. Why? It's never been hooked
up to the internet. Yet, mandates from upon high (management) say 'you have
to disable this'. (Ridiculous if you ask me, that one has to do things for
computers to prevent it from attack when it'll never be effected through the
internet or e-mail).

Yet, also, no one around here where I'm located knows how to re-enable it.



"nass" wrote:



"KC" wrote:

So, as requested in this advisory, I entered the command line on one of the
computers here to disable the jet database engine:

Caution, read the rest of this post before entering this line...
echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /P everyone:N

So, that sets it as it should.

Come to find out, some of the programs on the computer require the access to
that specific .dll. Fine. I'll re-enable it using the instructions also
listed an undo procedure... the advisory states to enter:

echo y| cacls "%SystemRoot%\system32\msjet40.dll" /E /R everyone

I get "Access Denied".

Anyone have a suggestion on how to re-enable the msjet40.dll?


I'm afraid your system may be compromised or you messed it up!.
Did you tried the |keys in the registry to adjust to loosen its grip a
little bit?.
Read the info he
Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code
Execution
http://www.microsoft.com/technet/sec...ry/950627.mspx

http://office.microsoft.com/en-us/ac...321681033.aspx
http://office.microsoft.com/en-us/ac...321611033.aspx