WMI AccessCheck Receives Local Administrator's SID (320678)
The information in this article applies to:
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
This article was previously published under Q320678 SYMPTOMS
The IWbemEventProviderSecurity::AccessCheck method is used by WMI event providers to check access permissions. This check occurs when a consumer tries to subscribe to an event. By definition, the AccessCheck method is passed the security identifier (SID) of the user who is trying to create the event registration. The consumer is permitted to subscribe to the event only if the consumer has access permission for the event. If this permission does not exist, the subscription is prevented. With Windows XP, when a permanent WMI event consumer is registered by a member of the local administrators group, the event provider's AccessCheck method is passed the local administrators group SID instead of the individual user's SID.
RESOLUTIONTo resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in the
Microsoft Knowledge Base:
322389 How to Obtain the Latest Windows XP Service Pack
The English version of this fix should have the following file attributes or later:
Date Time Version Size File name
--------------------------------------------------------
17-Apr-2002 15:27:58 5.1.2600.42 259,072 Wbemess.dll
STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows XP Service Pack 1.
| Modification Type: | Minor | Last Reviewed: | 9/27/2005 |
|---|
| Keywords: | kbHotfixServer kbQFE kbbug kbenv kbfix kbSysAdmin kbWinXPsp1fix KB320678 |
|---|
|