UPHClean and other profile ramblings

A blog to discuss UPHClean and profile problems

UPHClean v1.6 Security Vulnerability Fix

The previous version of UPHClean did not use quotes when calling the system executable. In some scenarios this could allow a local user to elevate privileges. The current version addresses this issue. Thanks to Thierry Zoller from Verizon Business for reporting this issue to us.

Updated bits (v1.6g) are being posted on the Microsoft Download Center and should be available shortly.
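
An added example, not part of the original post and not UPHClean's code: a defensive check that flags Windows command lines whose program path contains a space but is not quoted, assuming the issue above is the usual unquoted-path case. The function names and the sample entries are constructed for illustration; on a real system the strings would come from, for example, service `ImagePath` values.

```python
import re

# End of the program name: the first ".exe" followed by whitespace or end of string.
_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)


def check_command_line(cmdline):
    """Classify one Windows command line as 'ok', 'unquoted' or 'review'.

    Returns (status, suggested), where suggested is the quoted form when the
    status is 'unquoted' and the input string otherwise.
    """
    s = cmdline.strip()
    if s.startswith('"'):
        # Already quoted; an unclosed quote needs a human to look at it.
        return ("ok" if '"' in s[1:] else "review"), s
    m = _EXE_END.search(s)
    if m is None:
        # No recognisable program name: ambiguous if any space is present.
        return ("review" if " " in s else "ok"), s
    exe, rest = s[:m.end()], s[m.end():]
    if "%" in exe:
        # Unexpanded variable (e.g. %ProgramFiles%) may expand to a path with spaces.
        return "review", s
    if " " not in exe:
        return "ok", s
    # Space inside an unquoted program path: where the program name ends is ambiguous.
    return "unquoted", f'"{exe}"{rest}'


def audit(entries):
    """Return the names in entries (name -> command line) that are not 'ok'."""
    return [n for n, c in entries.items() if check_command_line(c)[0] != "ok"]


# Constructed sample entries (hypothetical service names and paths).
SAMPLE = {
    "ExampleSvcA": r"C:\Program Files\Example Vendor\svc.exe -run",
    "ExampleSvcB": r'"C:\Program Files\Example Vendor\svc.exe" -run',
    "ExampleSvcC": r"C:\Windows\system32\svchost.exe -k netsvcs",
    "ExampleSvcD": r"%ProgramFiles%\Tool\agent.exe /config C:\My Data\a.ini",
    "ExampleSvcE": r"C:\Program Files\Example Vendor\svc",
}

if __name__ == "__main__":
    for name, cmd in SAMPLE.items():
        status, suggested = check_command_line(cmd)
        print(f"{name:12} {status:9} {suggested}")
```

Entries reported as `review` cannot be decided from the string alone and need a manual look at the expanded path.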

Comments
  • In using multiple versions of UPHClean, I have been encountering an issue I do not see mentioned elsewhere.  I'm wondering if you or anyone else has information regarding this issue:

     The first time a user logs out and UPHClean remaps the registry, it causes "C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat" to become locked.  On subsequent logins for other users, the event log shows a 1509 Userenv error when trying to copy this file since it is locked.  ProcessExplorer shows that the SYSTEM process has this file locked, so I believe it is caused by the loading of the "HKEY_USERS\.DEFAULT".

     Is this expected behavior?

     Can these warnings be safely ignored?  It seems that if the UsrClass.dat file cannot be copied, then users will not be loading my customized Default profile's registry settings.

  • Just wondering if this 1.6g version includes the fix that prevents the winlogon.exe errors like v2.0 does?

  • v1.6g only fixes the security issue.  There's no new functionality.  You can look at the history log in the readme.txt for more details about changes/fixes.

  • Hi, I have this problem... but this program does not fix it... Why? Help me...
