{"id":93935,"date":"2016-07-22T07:00:00","date_gmt":"2016-07-22T21:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/?p=93935"},"modified":"2019-03-13T11:04:36","modified_gmt":"2019-03-13T18:04:36","slug":"20160722-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20160722-00\/?p=93935","title":{"rendered":"What is the significance of changing the registration for CLSIDs to point to a private copy of MSXML3?"},"content":{"rendered":"<p>A customer reported that several of their applications stopped working after they installed a third-party program, let&#8217;s call it Contoso Deluxe. They found that the Contoso Deluxe program, as part of its installation, rewrote some CLSID registrations. For example, <code>HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{F5078F37-C551-11D3-89B9-0000F81FE221}\\InProcServer32<\/code> is normally <code>%SystemRoot%\\System32\\msxml3.dll<\/code>, but installing Contoso Deluxe changes it to <code>C:\\Program Files\\Contoso\\Common\\msxml3.dll<\/code>. <\/p>\n<p>The customer wanted to understand the significance of this change. <\/p>\n<p>The significance of this change is that the Contoso Deluxe program hijacked a bunch of objects that normally belong to the <code>MSXML3.DLL<\/code> that comes with the operating system, redirecting requests for those object to the private copy of <code>MSXML3.DLL<\/code> that comes with the Contoso Deluxe program. <\/p>\n<p>I have two theories for why the Contoso Deluxe program does this. The <a HREF=\"https:\/\/en.wikipedia.org\/wiki\/Hanlon%27s_razor\">more charitable theory<\/a> is that the developers wanted to redistribute <code>MSXML3.DLL<\/code> and didn&#8217;t know that there were <a HREF=\"https:\/\/msdn.microsoft.com\/en-us\/library\/cc507441(v=vs.85).aspx\">specific instructions on how to do it correctly<\/a>. Instead, they just packaged the DLL with their program and blasted the registry keys as part of installation. <\/p>\n<p>If that&#8217;s the case, then they should have followed the installation and redistribution instructions, so that the <code>MSXML3.DLL<\/code> file gets installed properly. Part of that proper installation is &#8220;If you see an existing copy of <code>MSXML3.DLL<\/code> that is newer than the one you are trying to install, then use the existing copy.&#8221; <\/p>\n<p>Another theory is that the developers found some sort of problem with newer versions of <code>MSXML3.DLL<\/code> and decided to solve the problem by locking their program to a specific version of <code>MSXML3.DLL<\/code> by packaging it with the program and directing all MSXML objects to their private copy of <code>MSXML3.DLL<\/code>. <\/p>\n<p>If that were indeed their intention, then they tried to apply a global solution to a local problem. Because what they did was redirect all MSXML objects <i>for all applications in the system<\/i> to their private copy of <code>MSXML3.DLL<\/code>, even though they really wanted to redirect the object only for their program. The proper way to do this is to use an application manifest and registration-free COM to redirect the classes just for their program. (Of course, the real proper way to solve the problem is to figure out why their program doesn&#8217;t work with newer versions of <code>MSXML3.DLL<\/code>.) <\/p>\n<p>Note also that a private copy of <code>MSXML3.DLL<\/code> will not get serviced by Windows Update, which means that machines with that private copy will not receive <a HREF=\"https:\/\/technet.microsoft.com\/en-us\/library\/security\/ms02-008.aspx\">security fixes to <code>MSXML3.DLL<\/code><\/a>. (More accurately, they will receive security fixes to <code>C:\\Windows\\system32\\msxml3.dll<\/code>, which is useless because the system is using <code>C:\\Program Files\\Contoso\\Common\\msxml3.dll<\/code>.) <\/p>\n<p>We advised the customer to engage with Contoso and work with them to fix the Contoso Deluxe program so that it neither breaks every program that uses <code>MSXML3.DLL<\/code>, nor prevents Windows Update from fixing security issues in <code>MSXML3.DLL<\/code>. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>You hijacked the CLSID, which is not going to end well.<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[26],"class_list":["post-93935","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-other"],"acf":[],"blog_post_summary":"<p>You hijacked the CLSID, which is not going to end well.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/93935","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=93935"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/93935\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=93935"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=93935"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=93935"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}