Because some of the custom actions in Visual Studio 2005 are authored to impersonate the non-privileged token of the invoking user on Vista, a mitigation has been checked in for the patch wrapper that is used to add additional compression for the patch and to patch multiple products, if present, without rebooting in between.
The native wrapper isn’t automatically recognized as a setup executable like setup.exe, which is the filename used to install Visual Studio 2005 in the first place (which is why initial installation doesn’t exhibit this problem). This means that, for the patch, the client portion of the patch install uses the non-privileged token and custom actions like CA_GenerateEnvBat.3643236F_FC70_11D3_A536_0090278A1BB8 will fail when the patch installs because the custom action may get executed again during maintenance installs, including repair and patch scenarios.
To mitigate this problem, the patch wrapper’s manifest has been updated to include the <trustInfo/> element and its children to require elevation. This means the privileged token is assigned from the start to the wrapper and all child processes, by default, it creates – including msiexec.exe for the client portion of patch install. This way, when the custom action impersonates the invoking user it impersonates the privileged token. To uninstall this patch, you should not remove it from Add/Remove Programs but run the original patch executable, passing /uninstall to the command line. You may also run msiexec.exe from an elevated prompt using the same UninstallString found in the registry for the patch.
If you are installing the VS 2005 SP1 beta patch on Vista, it is recommended that you right click on the patch executable and select “Run As…”, or launch the executable from a privileged console window. The mitigation described here will be in the VS 2005 SP1 release patch.
0 comments