The COM+ issues and updates that are addressed in Microsoft Windows XP SP2 are as follows:
Change RPCSS so that one component runs under the Local System account and another component runs under the Network service account
This update modifies the Remote Procedure Call Server service (RPCSS) so that one component of the service runs under the Local System account and another component of the service runs under the Network service account.
Modify the control of DCOM permissions
This update lets you to set different permissions for Component Object Model (COM) applications based on whether the caller is local or remote. A local caller indicates that the COM message was sent by using a lightweight remote procedure call (LRPC). A remote caller indicates that the COM message was sent by using a remote RPC protocol, such as TCP. For example, you can configure a COM server to accept local calls from all users and accept remote calls only from administrators.
Add both local access control entries (ACEs) and remote access ACEs to DCOM
This update adds two access control lists (ACLs) to permit computer-wide restrictions on all DCOM servers. This update lets you configure access limits on all DCOM servers that are on the computer. Additionally, this update creates access limits on RPCSS so that it no longer permits unauthenticated callers. These restrictions create a computer-wide policy to limit the default settings and any override settings that have been configured. This update applies to access permissions and to launch permissions.
Add RPC local-only interface registration to DCOM
This update configures DCOM to use a new RPC API for registering callers. The new API requires callers of the interface to be on the same computer as the DCOM server. DCOM can use this API for the private local interfaces that DCOM uses for communication between OLE32 and RPCSS. If access to the DCOM server is limited to local callers, DCOM can also use this API to register COM interfaces. With this update, DCOM is not subject to the RPC-wide policy settings that affect authentication. Instead, DCOM follows the settings that are configured for the server. (Limits are computer-wide.)
Restrict incoming network transactions in Distributed Transaction Coordinator
When network transactions are enabled in the original release version of Windows XP or in Windows XP Service Pack 1 (SP1), both transactions that are initiated by other computers and transactions that are initiated by the local computer are permitted. However, Windows XP is typically used as a client operating system. In this scenario, where Windows XP acts as a client, incoming transactions do not have to occur. A new option is available that divides network access into the following two types:
- Outgoing transactions only
- Both incoming and outgoing transactions
This update enables outbound transactions while blocking incoming transactions.
Make DCOM configuration settings available in Group Policy
With this update, a network administrator can use Group Policy to configure the DCOM settings on Windows XP SP2-based computers.
Add the IRpcOptions::Query COMBND_SERVER_LOCALITY property to Windows XP
This update adds the COMBND_SERVER_LOCALITY
option for the IRpcOptions::Query
Windows Management Instrumentation (WMI) method. WMI uses this option to determine whether a WMI connection is local or remote.
Add support for 16-bit OLE to embedded editions of Windows XP
This update adds support for 16-bit OLE DLLs in embedded editions of Windows XP.
The page heap may be corrupted if a registration error occurs in Microsoft Windows Media Player
If an error occurs in one of the Windows Media Player registrations, the page heap may be corrupted when Windows Media Player shuts down.
The computer unexpectedly restarts after you install Microsoft Security Bulletin MS03-026
If you configure a security template to enable the CrashOnAuditFailure registry value, your computer restarts unexpectedly after you install Microsoft Security Bulletin MS03-026.
A threading model mismatch error occurs
When you create a COM+ server program that is multithreaded and that uses proxy/stub
code, the COM+ catalog is configured to contain incorrect information. In this scenario, incorrect information is saved in the savedThreadinModel
column of the catalog database.Therefore, a threading model mismatch error occurs.
McAfee VirusScan ASaP does not update after you install Windows XP SP2
After you install a pre-release edition of Windows XP SP2, McAfee VirusScan ASaP does not update its virus definitions. When you try to update the virus definitions, you receive the following error message:
Unable to create Cab Installer Object.
Agent service may not be running properly. Please click here for more details.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.