Access Violation in PolEdit When Defining Allowed Windows Applications

View products that this article applies to.

This article was previously published under Q179553

Expand all | Collapse all

SYMPTOMS

The Windows NT System Policy Editor allows administrators to restrict the applications executable names that can be run by users. Defining an excessive number of applications will cause an access violation in System Policy Editor.

The error that is recorded in the application log is:

   Event ID 4097
   Dr Watson Error
   An application error has occurred and an application error log is being
   generated.
   Poledit.exe
   Exception:access violation (0xc000005), address 0x77c01329

Back to the top

CAUSE

A display problem in Poledit.exe passes invalid flags into the Treeview context.

Back to the top

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

152734 (http://support.microsoft.com/kb/152734/EN-US/ ) How to Obtain the Latest Windows NT 4.0 Service Pack

Back to the top

STATUS

Microsoft has confirmed that this is a problem in Windows NT 4.0 and Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.

Back to the top

MORE INFORMATION

The option to run only allowed applications can be turned on or off in System Policy Editor.

Run System Policy Editor (Poledit.exe).
On the File menu, click Open Registry.
Double-click Local User, double-click System, and then double-click Restrictions.
Click "Run only allowed Windows applications" to select or clear the check box.
Click OK, and then quit System Policy Editor.

Back to the top