Exploit for "Zero-Day" Vulnerability Detected by Microsoft

[Marc57]

This is all I could find.

Description:
rthdcpl.exe is a process belonging to the Realtek HD Audio Control Panel and is bundled alongside Realtek sound cards and audio hardware. This program is a non-essential process, but should not be terminated unless suspected to be causing problems

Can you get an update?

[FreewheelinFrank]

This is why Microsoft takes so long to issue fixes- if it rushes them out like today, it'll bugger up something else at the same time it fixes the problem.

 

[igor]

Hm, interesting. Yes, (the updated) user32.dll now has the same base address as hhctrl.ocx. I wouldn't think it should be a problem, however... that's why they are DLLs - they are relocatable.

Maybe the system doesn't like to relocate its system libraries... but I'd expect user32.dll to be loaded before hhctrl.ocx anyway...
Strange.

[Marc57]

I've got the same process, and so far no problems (Vista HP).

[johnny223]

Oops! What does this mean? 

I have exactly the same problem too!  and i do have the realtek audio as audio driver, for now i just restored the computer back to before the update, but i dont know how to fix this :'(

[FreewheelinFrank]

Just found this:

http://support.microsoft.com/?kbid=925902

[Marc57]

Have you tried the hotfix Frank? does it work?

[drhayden1]

thanks for the info freewheelinfrank...didn't get the error as some of you got since i don't have the realtek audio as audio driver on both of my computers..they must of rush this patch out and now they have another problem-way to go again microsoft

[FreewheelinFrank]

CAUSE
This problem may occur after you install security update 925902 (MS07-017) and security update 928843 (MS07-008). The Hhctrl.ocx file that is included in security update 928843 and the User32.dll file that is included in security update 925902 have conflicting base addresses. This problem occurs if the program loads the Hhctrl.ocx file before it loads the User32.dll file.

RESOLUTION
Hotfix information
A supported hotfix is now available from Microsoft. However, it is intended to correct only the problem that is described in this article. Apply it only to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Windows XP service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Customer Support Services to obtain the hotfix. For a complete list of Microsoft Customer Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support (http://support.microsoft.com/contactus/?ws=support)
Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Translation:

CAUSE
We goofed up.

RESOLUTION
We have a patch to fix the goof up, but it may goof up your computer even more, so we recommend you wait for the next blue moon XP service pack, or contact customer support where we will tell you how much we're going to charge for fixing our goof up.

[Marc57]

They're actually going to CHARGE to fix a problem THEY caused??    

[FreewheelinFrank]

Have you tried the hotfix Frank? does it work?

To resolve this problem immediately, contact Microsoft Customer Support Services to obtain the hotfix. For a complete list of Microsoft Customer Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem.

Translation:

You want us to fix our goof up? Let's talk money! Hey, maybe the call centre worker Microsoft Support Professional will let you have it for free if he's had a good day and is feeling generous. 

[bob3160]

Frank your translations appear to be your attitude toward MS not their official policy.
I've yet to pay a dime for any problems with a Microsoft problem that directly traces back to their
product or a fix of a product.....

[FreewheelinFrank]

I think my translations are a fairly accurate paraphrase of what I read.

My attitude to MS is purely ad hoc: to ask customers to phone a national rate phone line (and wait half an hour for an answer, no doubt) and then maybe pay for the privilege of receiving a hotfix really sucks.

I don't know what sort of attitude you were expecting in this situation, but scoffing at Microsoft seems reasonably justified. 

[bob3160]

I don't know what sort of attitude you were expecting in this situation, but scoffing at Microsoft seems reasonably justified.

Have you called MS ?    If so, where you charged?
False positives aren't anything new and this isn't any different. I'm sure if this related to Fireox, your words would be a little kinder. 

[johnny223]

i cant find the link to the hotfix file