A quick note on a couple of recent Microsoft patches that you might find relevant.
If you have installed the Microsoft MS07-017 (KB925902) patch and had a problem with your systems receiving the following errors:
application_executable_name - Illegal System DLL Relocation
The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.
Check out the following MS Knowledgebase article and related patch. I’ve downloaded the patch and applied it successfully to my systems with the Realtek Audio software.
I use the Kixtart scripting language for my login scripts, so it was easy to deploy the original patch as well as the follow-up Realtek patch using the following script:
AT ( 1,1) “A critical security patch is needed on your computer.”
AT ( 2,1) “Please wait while your system is updated……..”
IF EXIST (”C:\WINNT\$NtUninstallKB925902$”) OR EXIST (”C:\WINDOWS\$NtUninstallKB925902$”)
AT (4,1) “Microsoft Exploit Patch already applied”
IF EXIST (”C:\WINNT\$NtUninstallKB935448$”) OR EXIST (”C:\WINDOWS\$NtUninstallKB935448$”)
AT (6,1) “Realtek Patch Already Applied”
IF @producttype = “Windows XP Professional”
AT (6,1) “Installing Realtek Patch…..”
SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\KB935448.exe /QUIET /NORESTART”
if @producttype = “Windows 2000 Professional”
AT (4,1) “Patching Windows 2000 Professional…….”
SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\2000.EXE /QUIET /NORESTART”
if @producttype = “Windows XP Professional”
AT (4,1) “Patching WindowsXP Professional……..”
SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\XP.EXE /QUIET /NORESTART”
AT (8,1) “Your system has been patched.”
Hopefully you find this useful.
Oh, and if you are not using a robust scripting language, you should check out KiXstart. It’s released as CareWare, so please do your part and make a donation to one of the listed organizations.