KB891781

2/9/05 Windows Update KB891781 has caused the Trellian Web Editor program to
issue an error message "no such interface". Their present workaround is to
disable this MS critical security update which deals w/a DHTML Active X
security issue.

How can this issue be fixed besides uninstalling(and leaving uninstalled)
the KB891781 security patch? Is there any timeframe on a fix of this by
MS...or is this a vendor issue? Thanks
Bob123

I had the same failure but with WebPage using Windows 98SE I can not find an
option to uninstall KB891781. I made what I think is a mistake by
uninstalling and reinstalling WebPage editor which fiexd the problem but I
think it has clobbered the Microsoft security updated files. Now Windows
update thinks I have updated so I can not update again. Help

"Bob123" wrote:

> 2/9/05 Windows Update KB891781 has caused the Trellian Web Editor program to
> issue an error message "no such interface". Their present workaround is to
> disable this MS critical security update which deals w/a DHTML Active X
> security issue.
>
> How can this issue be fixed besides uninstalling(and leaving uninstalled)
> the KB891781 security patch? Is there any timeframe on a fix of this by
> MS...or is this a vendor issue? Thanks
> Bob123

The failure was that Terillian WebPage reports at start up "no such
interface" their solution as can be seen on their site is to uninstall the
above security update.

The security update installs a new version of DHTMLED.OCX (6.01.9231) and
installing WebPage after doing the security update revertes this back to
version 6.01.9102.

I did not get a pop up asking about replacing files and I have not ever seen
this on Windows 89SE.

It is true that everything seems to be working on my system but the security
update can not be working as I now have the old version of DHTMLED.OCX.

I have discovered with no hint from Microsoft that I can uninstall this
security update . The uninstall is under Add remove programmes and is listed
as Interner explorer Q891781 as internet explorer had not been mentioned in
the MS documents or how to uninstall or that it was called "Q....." I missed
it.

Uninstalling then reinstalling KB891781 replaced DHTMLED.OCX with the safe
new version and WebPage now no longer works and that is how I will leave it
until they come up with a proper fix.

I have learnt that with Windows 98SE I will have to check my files with
System file checker after every install by looking at version numbers AND
that just because I have updated with all the critical updates does not mean
that they are all functional. I understand there is a security checker from
Microsoft that actually checks that updates are installed AND functional for
XP but not 98.

"Pat Walters [MSFT]" wrote:

> "Pedro",
>
> What is the failure? How do you know that uninstalling the WebPage editor
> and reinstalling it over the updated files has somehow clobbered the
> security settings? Did you get a popup from Microsoft asking you if you
> wanted to replace system files with unknown files? I apologize, but I am
> confused as to how you are stuck. It seems like everything is working on
> your system.
>
> Please let us know by replying back to this group, and thanks.
>
> Sincerely,
>
> Pat Walters [MSFT]
> "Pedro" <> wrote in message
> news:75C6D80E-295E-4D9F-8769-...
> >I had the same failure but with WebPage using Windows 98SE I can not find
> >an
> > option to uninstall KB891781. I made what I think is a mistake by
> > uninstalling and reinstalling WebPage editor which fiexd the problem but
> > I
> > think it has clobbered the Microsoft security updated files. Now Windows
> > update thinks I have updated so I can not update again. Help
> >
> > "Bob123" wrote:
> >
> >> 2/9/05 Windows Update KB891781 has caused the Trellian Web Editor program
> >> to
> >> issue an error message "no such interface". Their present workaround is
> >> to
> >> disable this MS critical security update which deals w/a DHTML Active X
> >> security issue.
> >>
> >> How can this issue be fixed besides uninstalling(and leaving uninstalled)
> >> the KB891781 security patch? Is there any timeframe on a fix of this by
> >> MS...or is this a vendor issue? Thanks
> >> Bob123
>
>
>

"Pedro",

Thank you for that excellent response to my inquiry. I have researched the
update a bit, and I do see the quandry. As it stands, if you let Terillian
WebPage overwrite the DHTMLED.OCX, you are defeating the point of the
security update, which is:

"A cross-domain vulnerability exists in the Microsoft Dynamic HTML (DHTML)
Editing Component ActiveX control that could allow information disclosure or
remote code execution on an affected system. An attacker could exploit the
vulnerability by constructing a malicious Web page that could potentially
allow remote code execution if a user visited that page. An attacker who
successfully exploited this vulnerability could take complete control of an
affected system."

The update for Windows 98 can be downloaded here:
1. Go here: http://v4.windowsupdate.microsoft.com/en/default.asp
2. On the left hand panel, click the "Windows Update Catalog"
3. Click the link: Find updates for Microsoft Windows operating systems
4. Choose "Windows 98 and Windows 98 Second Edition" with the pull-down menu
5. Click "Advanced Search Options"
6. Under "Update types," uncheck all but one entry: "Critical Updates and
Service Packs"
7. Under the "Contains these words," enter: 891781
8. Click the Search button
9. Click the "Critical Updates and Service Packs (1)" to open it and find
the update below.
10. Click the "Add" button then click the "Go to Download Basket" link.
11. Click the "Browse" button to pick the location on your hard drive, then
download.
12. Install it at your convenience.

However, with the security update installed, the question to really ask is:
"Does the Terillian Webpage actually depend on the security vulnerability
within the DHTMLED.OCX?" and if so, why? Can THEY not issue an update to
their software to avoid this problem? The fix needed to be there for
security reasons.

Sincerely,

Pat Walters [MSFT]

"Pedro" <> wrote in message
news:11D43CA5-A8F7-40A8-BDBF-...
> The failure was that Terillian WebPage reports at start up "no such
> interface" their solution as can be seen on their site is to uninstall the
> above security update.
>
> The security update installs a new version of DHTMLED.OCX (6.01.9231) and
> installing WebPage after doing the security update revertes this back to
> version 6.01.9102.
>
> I did not get a pop up asking about replacing files and I have not ever
seen
> this on Windows 89SE.
>
> It is true that everything seems to be working on my system but the
security
> update can not be working as I now have the old version of DHTMLED.OCX.
>
> I have discovered with no hint from Microsoft that I can uninstall this
> security update . The uninstall is under Add remove programmes and is
listed
> as Interner explorer Q891781 as internet explorer had not been mentioned
in
> the MS documents or how to uninstall or that it was called "Q....." I
missed
> it.
>
> Uninstalling then reinstalling KB891781 replaced DHTMLED.OCX with the safe
> new version and WebPage now no longer works and that is how I will leave
it
> until they come up with a proper fix.
>
> I have learnt that with Windows 98SE I will have to check my files with
> System file checker after every install by looking at version numbers AND
> that just because I have updated with all the critical updates does not
mean
> that they are all functional. I understand there is a security checker
from
> Microsoft that actually checks that updates are installed AND functional
for
> XP but not 98.
>
> "Pat Walters [MSFT]" wrote:
>
> > "Pedro",
> >
> > What is the failure? How do you know that uninstalling the WebPage
editor
> > and reinstalling it over the updated files has somehow clobbered the
> > security settings? Did you get a popup from Microsoft asking you if you
> > wanted to replace system files with unknown files? I apologize, but I
am
> > confused as to how you are stuck. It seems like everything is working
on
> > your system.
> >
> > Please let us know by replying back to this group, and thanks.
> >
> > Sincerely,
> >
> > Pat Walters [MSFT]
> > "Pedro" <> wrote in message
> > news:75C6D80E-295E-4D9F-8769-...
> > >I had the same failure but with WebPage using Windows 98SE I can not
find
> > >an
> > > option to uninstall KB891781. I made what I think is a mistake by
> > > uninstalling and reinstalling WebPage editor which fiexd the problem
but
> > > I
> > > think it has clobbered the Microsoft security updated files. Now
Windows
> > > update thinks I have updated so I can not update again. Help
> > >
> > > "Bob123" wrote:
> > >
> > >> 2/9/05 Windows Update KB891781 has caused the Trellian Web Editor
program
> > >> to
> > >> issue an error message "no such interface". Their present workaround
is
> > >> to
> > >> disable this MS critical security update which deals w/a DHTML Active
X
> > >> security issue.
> > >>
> > >> How can this issue be fixed besides uninstalling(and leaving
uninstalled)
> > >> the KB891781 security patch? Is there any timeframe on a fix of this
by
> > >> MS...or is this a vendor issue? Thanks
> > >> Bob123
> >
> >
> >

"Pat Walters [MSFT]" <a-> wrote in message

>> Can THEY not issue an update to their software to avoid this
problem? The fix needed to be there for
> security reasons.
>
> Sincerely,
>
> Pat Walters [MSFT]

"Pat Walters [MSFT]" <a-> wrote in message
> Can THEY not issue an update to
> their software to avoid this problem? The fix needed to be there for
> security reasons.
>


Hi Pat:

Here's the bit that I've yet to see any Microsoft representative
respond to on any programming board where this question has come up.
I'm working for a third party software vendor also, we are
recommending customers remove this hotfix (which I don't like to do
but at the moment, we have no alternative).

What we would love from anyone at Microsoft is technical documentation
on how we could fix our applications. The patch was released with no
details about what was changed, and why previously well documented and
working interfaces were altered such that many applications are now
broken shouldn't be the case.

I appreciate this is not a programming group, and perhaps you are a
technician moreso than a software engineer, but you don't have to be a
programmer to see that these two applications, which I intentially
implemented in VB and Delphi (both highly English like languages) are
identical:

both forms contain:
- one DHTML Edit control (ocx):
- two buttons

The following are the 'click' events for each button (Visual Basic
first):
--
Private Sub Command1_Click()
DHTMLEdit1.DOM.body.innerHTML = "HELLO VB"
End Sub

Private Sub Command2_Click()
MsgBox DHTMLEdit1.DOM.body.innerHTML
End Sub
---

Here is the Delphi version:

----
implementation

{$R *.DFM}

procedure TForm1.Button1Click(Sender: TObject);
begin
DHTMLEdit1.DOM.body.innerHTML:= 'Hello Delphi';
end;

procedure TForm1.Button2Click(Sender: TObject);
begin
ShowMessage( DHTMLEdit1.DOM.body.innerHTML );
end;

end.
----

The application programming logic is identical, therefore if one
application requires a fix from the vendor, so does the other. Yet,
the Visual Basic program works on a patched system, the Delphi one
does not.

By the way, Microsoft development languges and environments seem
unaffected (makes sense, you'd test against your own products and
can't be responsible for the world's), however, most non-microsoft
development environments that make any use of this OCX return
'Interface not supported' or 'E_NOTIMPL' would be the COM error
message returned if you debug in say C or C++.

However, It's not as simple as saying 'well the vendors have to fix
their code', in this case, it's demonstrable that the code isn't the
problem, it appears that the way the DHTMLEd.ocx control was patched
is causing the aberrant program behaviour. Another possibility is the
way in which the other environments/languages marshal the call, but
then, Pascal and C are pretty compatible in that regard normally. It
could be a development tool problem too, but we're all guessing
because the change hasn't been documented in detail yet.

It just seems resonable that when you supply an operating system
product, and programming APIs, you also bear responsibility in
informing businesses that stake their enterprise on your technology
before you change documented interfaces about the nature and impact of
the change, or at least after the patch has been released. The
technical information available on the Microsoft/MSDN's site that
should be available to IT professionals is a little terse when it
comes to what was actually changed, but something that would improve
the situation (Microsoft has made great strides forward in the last
few years with security bulletins), but seeing this one in my inbox
gave me no clue that we'd be out of business if we didn't publish
patch removal instructions quickly.

It could be that Borland in our case needs to patch their Delphi
product to fix this properly, but again, detailed technical
information for your business partners (published on the web is fine
for us smaller ones) would really help . Borland could have
proactively altered its user base that this change could impact them.

Anyhow, sorry if this was a bit of a soapbox, and nothing was meant to
be on a personal level, I know we all have to find a solution that
works with the hotfix, we'd just like a little help .

Hello,

Maybe the VB program works in your example, but the patch did
introduce a change for VB as well:

Private Sub Form_Unload(Cancel as Integer)
msgbox DHTMLEdit1.DOM.body.innerHTML
End Sub

The above code DID work before the patch; however, after the update,
in form_unload (of QueryUnload) the .DOM is no longer available..

Just to inform you that DHTMLED.ocx problems (in my opinion) really
have to do with a sloppy update, but maybe I'm making a mistake?

Sincerely,
Olaf

(Olaf vH) wrote in message news:<. com>...
> Hello,
>
> Maybe the VB program works in your example, but the patch did
> introduce a change for VB as well:
>
> Private Sub Form_Unload(Cancel as Integer)
> msgbox DHTMLEdit1.DOM.body.innerHTML
> End Sub
>
> The above code DID work before the patch; however, after the update,
> in form_unload (of QueryUnload) the .DOM is no longer available..
>
> Just to inform you that DHTMLED.ocx problems (in my opinion) really
> have to do with a sloppy update, but maybe I'm making a mistake?
>
> Sincerely,
> Olaf

Well, you would probably have to pose that question of a VB expert .
It is curious that the program now fails after the update only. To me,
in the destruction of a resource, is a strange place to be grabbing
that resource's allocated objects' properties. But, that is a C++
programmer's perspective, so it would be best to ask accomplished VB
developers whether that was the 'correct' way to program that or not
.