UPHClean v1.6 Security Vulnerability Fix


The previous version of UPHClean did not call the system executable using quotes. This could in some scenarios allow a local user to elevate privileges. This issue has now been addressed in the current version. Thanks to Thierry Zoller from Verizon Business for reporting this issue to us.

 

Updated bits (v1.6g)  are being posted on the Microsoft Download Center and should be available shortly.


Comments (6)

  1. Anonymous says:

    hi i have this problem… but this prigram not fix it …why ? help me…

  2. Anonymous says:

    v1.6g only fixes the security issue.  There's no new functionality.  You can look at the history log in the readme.txt for more details about changes/fixes.

  3. Anonymous says:

    In using multiple versions of UPHClean, I have been encountering an issue I do not see mentioned elsewhere.  I'm wondering if you or anyone else has information regarding this issue:

     The first time a user logs out and UPHClean remaps the registry, it causes "C:Documents and SettingsDefault UserLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat" to become locked.  On subsequent logins for other users, the event log shows a 1509 Userenv error when trying to copy this file since it is locked.  ProcessExplorer shows that the SYSTEM process has this file locked, so I believe it is caused by the loading of the "HKEY_USERS.DEFAULT".

     Is this expected behavior?

     Can these warnings be safely ignored?  It seems that if the UsrClass.dat file cannot be copied, then users will not be loading my customized Default profile's registry settings.

  4. Anonymous says:

    Just wondering if this 1.6g version includes the fix that prevents the winlogon.exe errors like v2.0 does?

  5. Anonymous says:

    In using multiple versions of UPHClean, I have been encountering an issue I do not see mentioned elsewhere.  I'm wondering if you or anyone else has information regarding this issue:

     The first time a user logs out and UPHClean remaps the registry, it causes "C:Documents and SettingsDefault UserLocal SettingsApplication DataMicrosoftWindowsUsrClass.dat" to become locked.  On subsequent logins for other users, the event log shows a 1509 Userenv error when trying to copy this file since it is locked.  ProcessExplorer shows that the SYSTEM process has this file locked, so I believe it is caused by the loading of the "HKEY_USERS.DEFAULT".

     Is this expected behavior?

     Can these warnings be safely ignored?  It seems that if the UsrClass.dat file cannot be copied, then users will not be loading my customized Default profile's registry settings.

  6. ethiopiawi says:

    hi one of my pc account says ‘ user profile can not be unloaded’
    Is there a solution to this problem?