WMI encountered a problem updating .NET framework 3.5

Q

Quintin Willison

Guest
This is starting to get very frustrating. I first tried a manual update
after several months of not updating on 14th October. Since that day I've
not been able to update with a WMI error coming up. Initially it seemed that
Microsoft would allow all the high priority updates to install together. Now
it inists on the first entry being installed solo [Microsoft .NET Framework
3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0
through 3.5 (KB951847) x86] but still fails!!

Screen shot here: http://www.twitpic.com/lh94t/full
Another here: http://www.twitpic.com/lh9g5/full

After reading a suggestion elsewhere I tried running WMIDiag v2.0 as
downloaded from Microsoft. It seems to spot 'problems' with WMI but offers
no suggestion as to how to fix them:

26290 06:43:32 (0)
----------------------------------------------------------------------------------------------------------------------------------
26291 06:43:32 (0) DCOM security for 'Microsoft WBEM UnSecured Apartment'
(Launch & Activation Permissions): ........................... MODIFIED.
26292 06:43:32 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has
been REMOVED!
26293 06:43:32 (0) - REMOVED ACE:
26294 06:43:32 (0) ACEType: &h0
26295 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26296 06:43:32 (0) ACEFlags: &h0
26297 06:43:32 (0) ACEMask: &h1
26298 06:43:32 (0) DCOM_RIGHT_EXECUTE
26299 06:43:32 (0)
26300 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
the trustee.
26301 06:43:32 (0) Removing default security will cause some
operations to fail!
26302 06:43:32 (0) It is possible to fix this issue by editing the
security descriptor and adding the ACE.
26303 06:43:32 (0) For DCOM objects, this can be done with
'DCOMCNFG.EXE'.
26304 06:43:32 (0)
26305 06:43:32 (0) DCOM security for 'Microsoft WBEM UnSecured Apartment'
(Launch & Activation Permissions): ........................... MODIFIED.
26306 06:43:32 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has
been REMOVED!
26307 06:43:32 (0) - REMOVED ACE:
26308 06:43:32 (0) ACEType: &h0
26309 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26310 06:43:32 (0) ACEFlags: &h0
26311 06:43:32 (0) ACEMask: &h1
26312 06:43:32 (0) DCOM_RIGHT_EXECUTE
26313 06:43:32 (0)
26314 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
the trustee.
26315 06:43:32 (0) Removing default security will cause some
operations to fail!
26316 06:43:32 (0) It is possible to fix this issue by editing the
security descriptor and adding the ACE.
26317 06:43:32 (0) For DCOM objects, this can be done with
'DCOMCNFG.EXE'.
26318 06:43:32 (0)
26319 06:43:32 (0) DCOM security for 'Microsoft WBEM UnSecured Apartment'
(Launch & Activation Permissions): ........................... MODIFIED.
26320 06:43:32 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been
REMOVED!
26321 06:43:32 (0) - REMOVED ACE:
26322 06:43:32 (0) ACEType: &h0
26323 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26324 06:43:32 (0) ACEFlags: &h0
26325 06:43:32 (0) ACEMask: &h1
26326 06:43:32 (0) DCOM_RIGHT_EXECUTE
26327 06:43:32 (0)
26328 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
the trustee.
26329 06:43:32 (0) Removing default security will cause some
operations to fail!
26330 06:43:32 (0) It is possible to fix this issue by editing the
security descriptor and adding the ACE.
26331 06:43:32 (0) For DCOM objects, this can be done with
'DCOMCNFG.EXE'.
26332 06:43:32 (0)
26333 06:43:32 (0) WMI namespace security for 'ROOT/SERVICEMODEL':
......................................................................
MODIFIED.
26334 06:43:32 (1) !! ERROR: Actual trustee 'NT AUTHORITY\NETWORK SERVICE'
DOES NOT match corresponding expected trustee rights (Actual->Default)
26335 06:43:32 (0) - ACTUAL ACE:
26336 06:43:32 (0) ACEType: &h0
26337 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26338 06:43:32 (0) ACEFlags: &h2
26339 06:43:32 (0) CONTAINER_INHERIT_ACE
26340 06:43:32 (0) ACEMask: &h1
26341 06:43:32 (0) WBEM_ENABLE
26342 06:43:32 (0) - EXPECTED ACE:
26343 06:43:32 (0) ACEType: &h0
26344 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26345 06:43:32 (0) ACEFlags: &h12
26346 06:43:32 (0) CONTAINER_INHERIT_ACE
26347 06:43:32 (0) INHERITED_ACE
26348 06:43:32 (0) ACEMask: &h13
26349 06:43:32 (0) WBEM_ENABLE
26350 06:43:32 (0) WBEM_METHOD_EXECUTE
26351 06:43:32 (0) WBEM_WRITE_PROVIDER
26352 06:43:32 (0)
26353 06:43:32 (0) => The actual ACE has the right(s) '&h12
WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
26354 06:43:32 (0) This will cause some operations to fail!
26355 06:43:32 (0) It is possible to fix this issue by editing the
security descriptor and adding the removed right.
26356 06:43:32 (0) For WMI namespaces, this can be done with
'WMIMGMT.MSC'.
26357 06:43:32 (0) Note: WMIDiag has no specific knowledge of this WMI
namespace.
26358 06:43:32 (0) The security diagnostic is based on the WMI
namespace expected defaults.
26359 06:43:32 (0) A specific WMI application can always require a
security setup different
26360 06:43:32 (0) than the WMI security defaults.
26361 06:43:32 (0)
26362 06:43:32 (0) WMI namespace security for 'ROOT/SERVICEMODEL':
......................................................................
MODIFIED.
26363 06:43:32 (1) !! ERROR: Actual trustee 'NT AUTHORITY\LOCAL SERVICE'
DOES NOT match corresponding expected trustee rights (Actual->Default)
26364 06:43:32 (0) - ACTUAL ACE:
26365 06:43:32 (0) ACEType: &h0
26366 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26367 06:43:32 (0) ACEFlags: &h2
26368 06:43:32 (0) CONTAINER_INHERIT_ACE
26369 06:43:32 (0) ACEMask: &h1
26370 06:43:32 (0) WBEM_ENABLE
26371 06:43:32 (0) - EXPECTED ACE:
26372 06:43:32 (0) ACEType: &h0
26373 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26374 06:43:32 (0) ACEFlags: &h12
26375 06:43:32 (0) CONTAINER_INHERIT_ACE
26376 06:43:32 (0) INHERITED_ACE
26377 06:43:32 (0) ACEMask: &h13
26378 06:43:32 (0) WBEM_ENABLE
26379 06:43:32 (0) WBEM_METHOD_EXECUTE
26380 06:43:32 (0) WBEM_WRITE_PROVIDER
26381 06:43:32 (0)
26382 06:43:32 (0) => The actual ACE has the right(s) '&h12
WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
26383 06:43:32 (0) This will cause some operations to fail!
26384 06:43:32 (0) It is possible to fix this issue by editing the
security descriptor and adding the removed right.
26385 06:43:32 (0) For WMI namespaces, this can be done with
'WMIMGMT.MSC'.
26386 06:43:32 (0) Note: WMIDiag has no specific knowledge of this WMI
namespace.
26387 06:43:32 (0) The security diagnostic is based on the WMI
namespace expected defaults.
26388 06:43:32 (0) A specific WMI application can always require a
security setup different
26389 06:43:32 (0) than the WMI security defaults.
26390 06:43:32 (0)
26391 06:43:32 (0) WMI namespace security for 'ROOT/SERVICEMODEL':
......................................................................
MODIFIED.
26392 06:43:32 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
26393 06:43:32 (0) - REMOVED ACE:
26394 06:43:32 (0) ACEType: &h0
26395 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
26396 06:43:32 (0) ACEFlags: &h12
26397 06:43:32 (0) CONTAINER_INHERIT_ACE
26398 06:43:32 (0) INHERITED_ACE
26399 06:43:32 (0) ACEMask: &h13
26400 06:43:32 (0) WBEM_ENABLE
26401 06:43:32 (0) WBEM_METHOD_EXECUTE
26402 06:43:32 (0) WBEM_WRITE_PROVIDER
26403 06:43:32 (0)
26404 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
the trustee.
26405 06:43:32 (0) Removing default security will cause some
operations to fail!
26406 06:43:32 (0) It is possible to fix this issue by editing the
security descriptor and adding the ACE.
26407 06:43:32 (0) For WMI namespaces, this can be done with
'WMIMGMT.MSC'.
26408 06:43:32 (0) Note: WMIDiag has no specific knowledge of this WMI
namespace.
26409 06:43:32 (0) The security diagnostic is based on the WMI
namespace expected defaults.
26410 06:43:32 (0) A specific WMI application can always require a
security setup different
26411 06:43:32 (0) than the WMI security defaults.
26412 06:43:32 (0)
26413 06:43:32 (0)
26414 06:43:32 (0) DCOM security warning(s) detected:
................................................................................... 0.
26415 06:43:32 (0) DCOM security error(s) detected:
..................................................................................... 3.
26416 06:43:32 (0) WMI security warning(s) detected:
.................................................................................... 0.
26417 06:43:32 (0) WMI security error(s) detected:
...................................................................................... 3.
26418 06:43:32 (0)
26419 06:43:32 (1) !! ERROR: Overall DCOM security status:
................................................................................. ERROR!
26420 06:43:32 (1) !! ERROR: Overall WMI security status:
.................................................................................. ERROR!
26421 06:43:32 (0) - Started at 'Root'
--------------------------------------------------------------------------------------------------------------


It's obviously not well! Is there a tool out there to 'fix' WMI security
settings? My current option seems to be OS reinstall.

Any ideas appreciated.

Thanks.
 
Please state your full Windows version (e.g., WinXP SP3; Vista 64-bit SP2;
Win7 RC; Win7 RTM) when posting in a forum or newsgroup.
<span style="color:blue">
> ...after several months of not updating...</span>

Why haven't you been updating for "several months?"

Is Automatic Updates enabled?

What anti-virus application or security suite is installed and is your
subscription current? What anti-spyware applications (other than Defender)?
What third-party firewall (if any)?

Has a(another) Norton or McAfee application ever been installed on this
machine (e.g., a free-trial version that came preinstalled when you bought
it)?
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002


Quintin Willison wrote:<span style="color:blue">
> This is starting to get very frustrating. I first tried a manual update
> after several months of not updating on 14th October. Since that day I've
> not been able to update with a WMI error coming up. Initially it seemed
> that
> Microsoft would allow all the high priority updates to install together.
> Now
> it inists on the first entry being installed solo [Microsoft .NET
> Framework
> 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions
> 2.0
> through 3.5 (KB951847) x86] but still fails!!
>
> Screen shot here: http://www.twitpic.com/lh94t/full
> Another here: http://www.twitpic.com/lh9g5/full
>
> After reading a suggestion elsewhere I tried running WMIDiag v2.0 as
> downloaded from Microsoft. It seems to spot 'problems' with WMI but
> offers
> no suggestion as to how to fix them:
>
> 26290 06:43:32 (0)
> ----------------------------------------------------------------------------------------------------------------------------------
> 26291 06:43:32 (0) DCOM security for 'Microsoft WBEM UnSecured
> Apartment'
> (Launch & Activation Permissions): ........................... MODIFIED.
> 26292 06:43:32 (1) !! ERROR: Default trustee 'BUILTINADMINISTRATORS' has
> been REMOVED!
> 26293 06:43:32 (0) - REMOVED ACE:
> 26294 06:43:32 (0) ACEType: &h0
> 26295 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26296 06:43:32 (0) ACEFlags: &h0
> 26297 06:43:32 (0) ACEMask: &h1
> 26298 06:43:32 (0) DCOM_RIGHT_EXECUTE
> 26299 06:43:32 (0)
> 26300 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
> the trustee.
> 26301 06:43:32 (0) Removing default security will cause some
> operations to fail!
> 26302 06:43:32 (0) It is possible to fix this issue by editing the
> security descriptor and adding the ACE.
> 26303 06:43:32 (0) For DCOM objects, this can be done with
> 'DCOMCNFG.EXE'.
> 26304 06:43:32 (0)
> 26305 06:43:32 (0) DCOM security for 'Microsoft WBEM UnSecured
> Apartment'
> (Launch & Activation Permissions): ........................... MODIFIED.
> 26306 06:43:32 (1) !! ERROR: Default trustee 'NT AUTHORITYINTERACTIVE'
> has
> been REMOVED!
> 26307 06:43:32 (0) - REMOVED ACE:
> 26308 06:43:32 (0) ACEType: &h0
> 26309 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26310 06:43:32 (0) ACEFlags: &h0
> 26311 06:43:32 (0) ACEMask: &h1
> 26312 06:43:32 (0) DCOM_RIGHT_EXECUTE
> 26313 06:43:32 (0)
> 26314 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
> the trustee.
> 26315 06:43:32 (0) Removing default security will cause some
> operations to fail!
> 26316 06:43:32 (0) It is possible to fix this issue by editing the
> security descriptor and adding the ACE.
> 26317 06:43:32 (0) For DCOM objects, this can be done with
> 'DCOMCNFG.EXE'.
> 26318 06:43:32 (0)
> 26319 06:43:32 (0) DCOM security for 'Microsoft WBEM UnSecured
> Apartment'
> (Launch & Activation Permissions): ........................... MODIFIED.
> 26320 06:43:32 (1) !! ERROR: Default trustee 'NT AUTHORITYSYSTEM' has
> been
> REMOVED!
> 26321 06:43:32 (0) - REMOVED ACE:
> 26322 06:43:32 (0) ACEType: &h0
> 26323 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26324 06:43:32 (0) ACEFlags: &h0
> 26325 06:43:32 (0) ACEMask: &h1
> 26326 06:43:32 (0) DCOM_RIGHT_EXECUTE
> 26327 06:43:32 (0)
> 26328 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
> the trustee.
> 26329 06:43:32 (0) Removing default security will cause some
> operations to fail!
> 26330 06:43:32 (0) It is possible to fix this issue by editing the
> security descriptor and adding the ACE.
> 26331 06:43:32 (0) For DCOM objects, this can be done with
> 'DCOMCNFG.EXE'.
> 26332 06:43:32 (0)
> 26333 06:43:32 (0) WMI namespace security for 'ROOT/SERVICEMODEL':
> .....................................................................
> MODIFIED.
> 26334 06:43:32 (1) !! ERROR: Actual trustee 'NT AUTHORITYNETWORK SERVICE'
> DOES NOT match corresponding expected trustee rights (Actual->Default)
> 26335 06:43:32 (0) - ACTUAL ACE:
> 26336 06:43:32 (0) ACEType: &h0
> 26337 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26338 06:43:32 (0) ACEFlags: &h2
> 26339 06:43:32 (0) CONTAINER_INHERIT_ACE
> 26340 06:43:32 (0) ACEMask: &h1
> 26341 06:43:32 (0) WBEM_ENABLE
> 26342 06:43:32 (0) - EXPECTED ACE:
> 26343 06:43:32 (0) ACEType: &h0
> 26344 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26345 06:43:32 (0) ACEFlags: &h12
> 26346 06:43:32 (0) CONTAINER_INHERIT_ACE
> 26347 06:43:32 (0) INHERITED_ACE
> 26348 06:43:32 (0) ACEMask: &h13
> 26349 06:43:32 (0) WBEM_ENABLE
> 26350 06:43:32 (0) WBEM_METHOD_EXECUTE
> 26351 06:43:32 (0) WBEM_WRITE_PROVIDER
> 26352 06:43:32 (0)
> 26353 06:43:32 (0) => The actual ACE has the right(s) '&h12
> WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
> 26354 06:43:32 (0) This will cause some operations to fail!
> 26355 06:43:32 (0) It is possible to fix this issue by editing the
> security descriptor and adding the removed right.
> 26356 06:43:32 (0) For WMI namespaces, this can be done with
> 'WMIMGMT.MSC'.
> 26357 06:43:32 (0) Note: WMIDiag has no specific knowledge of this WMI
> namespace.
> 26358 06:43:32 (0) The security diagnostic is based on the WMI
> namespace expected defaults.
> 26359 06:43:32 (0) A specific WMI application can always require
> a
> security setup different
> 26360 06:43:32 (0) than the WMI security defaults.
> 26361 06:43:32 (0)
> 26362 06:43:32 (0) WMI namespace security for 'ROOT/SERVICEMODEL':
> .....................................................................
> MODIFIED.
> 26363 06:43:32 (1) !! ERROR: Actual trustee 'NT AUTHORITYLOCAL SERVICE'
> DOES NOT match corresponding expected trustee rights (Actual->Default)
> 26364 06:43:32 (0) - ACTUAL ACE:
> 26365 06:43:32 (0) ACEType: &h0
> 26366 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26367 06:43:32 (0) ACEFlags: &h2
> 26368 06:43:32 (0) CONTAINER_INHERIT_ACE
> 26369 06:43:32 (0) ACEMask: &h1
> 26370 06:43:32 (0) WBEM_ENABLE
> 26371 06:43:32 (0) - EXPECTED ACE:
> 26372 06:43:32 (0) ACEType: &h0
> 26373 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26374 06:43:32 (0) ACEFlags: &h12
> 26375 06:43:32 (0) CONTAINER_INHERIT_ACE
> 26376 06:43:32 (0) INHERITED_ACE
> 26377 06:43:32 (0) ACEMask: &h13
> 26378 06:43:32 (0) WBEM_ENABLE
> 26379 06:43:32 (0) WBEM_METHOD_EXECUTE
> 26380 06:43:32 (0) WBEM_WRITE_PROVIDER
> 26381 06:43:32 (0)
> 26382 06:43:32 (0) => The actual ACE has the right(s) '&h12
> WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
> 26383 06:43:32 (0) This will cause some operations to fail!
> 26384 06:43:32 (0) It is possible to fix this issue by editing the
> security descriptor and adding the removed right.
> 26385 06:43:32 (0) For WMI namespaces, this can be done with
> 'WMIMGMT.MSC'.
> 26386 06:43:32 (0) Note: WMIDiag has no specific knowledge of this WMI
> namespace.
> 26387 06:43:32 (0) The security diagnostic is based on the WMI
> namespace expected defaults.
> 26388 06:43:32 (0) A specific WMI application can always require
> a
> security setup different
> 26389 06:43:32 (0) than the WMI security defaults.
> 26390 06:43:32 (0)
> 26391 06:43:32 (0) WMI namespace security for 'ROOT/SERVICEMODEL':
> .....................................................................
> MODIFIED.
> 26392 06:43:32 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
> 26393 06:43:32 (0) - REMOVED ACE:
> 26394 06:43:32 (0) ACEType: &h0
> 26395 06:43:32 (0) ACCESS_ALLOWED_ACE_TYPE
> 26396 06:43:32 (0) ACEFlags: &h12
> 26397 06:43:32 (0) CONTAINER_INHERIT_ACE
> 26398 06:43:32 (0) INHERITED_ACE
> 26399 06:43:32 (0) ACEMask: &h13
> 26400 06:43:32 (0) WBEM_ENABLE
> 26401 06:43:32 (0) WBEM_METHOD_EXECUTE
> 26402 06:43:32 (0) WBEM_WRITE_PROVIDER
> 26403 06:43:32 (0)
> 26404 06:43:32 (0) => The REMOVED ACE was part of the DEFAULT setup for
> the trustee.
> 26405 06:43:32 (0) Removing default security will cause some
> operations to fail!
> 26406 06:43:32 (0) It is possible to fix this issue by editing the
> security descriptor and adding the ACE.
> 26407 06:43:32 (0) For WMI namespaces, this can be done with
> 'WMIMGMT.MSC'.
> 26408 06:43:32 (0) Note: WMIDiag has no specific knowledge of this WMI
> namespace.
> 26409 06:43:32 (0) The security diagnostic is based on the WMI
> namespace expected defaults.
> 26410 06:43:32 (0) A specific WMI application can always require
> a
> security setup different
> 26411 06:43:32 (0) than the WMI security defaults.
> 26412 06:43:32 (0)
> 26413 06:43:32 (0)
> 26414 06:43:32 (0) DCOM security warning(s) detected:
> ..................................................................................
> 0. 26415 06:43:32 (0) DCOM security error(s) detected:
> ....................................................................................
> 3. 26416 06:43:32 (0) WMI security warning(s) detected:
> ...................................................................................
> 0. 26417 06:43:32 (0) WMI security error(s) detected:
> .....................................................................................
> 3. 26418 06:43:32 (0)
> 26419 06:43:32 (1) !! ERROR: Overall DCOM security status:
> ................................................................................
> ERROR! 26420 06:43:32 (1) !! ERROR: Overall WMI security status:
> .................................................................................
> ERROR! 26421 06:43:32 (0) - Started at 'Root'
> --------------------------------------------------------------------------------------------------------------
>
>
> It's obviously not well! Is there a tool out there to 'fix' WMI security
> settings? My current option seems to be OS reinstall.
>
> Any ideas appreciated.
>
> Thanks. </span>
 

Similar threads

M
Requesting Assistance with WMI heatlh in relation with SMS Advanced Clients (SP3)
Replies
0
Views
1K
Mrbobbrain
M
J
Automatic Update: Access is Denied
Replies
10
Views
548
chrishongrocks
C
E
Workaround for Windows Update 0x800703e3
Replies
1
Views
76
MowGreen
M
S
How do I fix a Vista WMI EventID 10 problem?
Replies
15
Views
242
mkel404
M
L
The Golden Rule - A Man Takes a Stand -you can not find a singlesoldier on Earth to publicly support
Replies
0
Views
29
land_of_the_slave@hotmail.com
L
Back
Top