Access Violation in PolEdit When Defining Allowed Windows Applications (179553)

The information in this article applies to:

Microsoft Windows NT Server 4.0 Terminal Server Edition
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0

This article was previously published under Q179553

SYMPTOMS

The Windows NT System Policy Editor allows administrators to restrict the applications executable names that can be run by users. Defining an excessive number of applications will cause an access violation in System Policy Editor.

The error that is recorded in the application log is:

   Event ID 4097
   Dr Watson Error
   An application error has occurred and an application error log is being
   generated.
   Poledit.exe
   Exception:access violation (0xc000005), address 0x77c01329

CAUSE

A display problem in Poledit.exe passes invalid flags into the Treeview context.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

152734 How to Obtain the Latest Windows NT 4.0 Service Pack

STATUS

Microsoft has confirmed that this is a problem in Windows NT 4.0 and Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.

MORE INFORMATION

The option to run only allowed applications can be turned on or off in System Policy Editor.

Run System Policy Editor (Poledit.exe).
On the File menu, click Open Registry.
Double-click Local User, double-click System, and then double-click Restrictions.
Click "Run only allowed Windows applications" to select or clear the check box.
Click OK, and then quit System Policy Editor.

Modification Type:	Minor	Last Reviewed:	9/23/2005
Keywords:	kbHotfixServer kbQFE kbbug kbfix KB179553