Re: MSN Messenger forced upgrade _and_ Event Viewer alarm flood

From: Andrew Aronoff (aaronoff_at_AYA.YALE.EDU)
Date: 12/09/03

  • Next message: Inman, Dave: "Re: Outlook 2K and private Appointments" 
    Date:         Tue, 9 Dec 2003 11:04:54 +0100
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Hello Vesselin,

    >>> Apparently Microsoft is forcing its MSN Messenger 6.1.01xx users to
    >>> upgrade to MSN Messenger 6.1.0203.

    > C'mon, folks, this issue is several months old.

    IMHO, this isn't the same issue. Users of MSN Messenger (MSNM)
    versions *prior to 6.0* (I was content with version 4.7 -- see below
    for why) were forced to upgrade by mid-October.

    > Apparently, the deadline has been reached and they have stopped
    > supporting the old version.

    The "old" version that's being discussed here is the version that was
    imposed as an upgrade. I'm currently using MSNM 6.0 and I have
    received no upgrade notices.

    > They are simply forcing a security patch because they can.

    No one's sure that this is a security patch -- hence the initial post
    in this thread.

    IAC, I'll exploit this thread to discuss an Event Viewer alarm flood
    bug in MSNM 6.0/6.1. I'm running MSNM on W2K SP4, but this problem was
    also noticed under SP3. Whenever I log off or shut down (as a Power
    User or Admin), an event is added to the AppLog:

    Source: EventSystem
    Category: Event Service
    Type: Warning
    Event ID: 4106
    Description: The COM+ Event System detected a corrupt
     IEventSubscription object. The COM+ Event System has removed object
     ID {UNIQUE_GUID_HERE}. The subscriber will no longer be notified when
     the event occurs.

    The problem also occurred with MSNM 5.0 and Windows Messenger 5.0. It
    disappeared completely if I downgraded to MSNM 4.7, but as of
    mid-October, this version is no longer functional.

    Event Viewer alarm floods are undesirable because they hide
    significant events. I especially do not appreciate such floods in MS
    apps, since MS should be ensuring that such problems are absent in
    beta testing (if not before).

    I've posted to MS newsgroups about this problem, but have had no
    response:
     http://tinyurl.com/rt1b
     http://tinyurl.com/p65v

    ... and I'm not the only one to have noticed it:
     http://tinyurl.com/ydx4
     http://tinyurl.com/ydxg
     http://tinyurl.com/ydxo
     http://tinyurl.com/ydxu
     http://tinyurl.com/ydy3

    I followed Eaton's registry edit directions at EventID.net:
    http://www.eventid.net/display.asp?eventid=4106
    ... but that had no effect.

    I obtained the COM+ hotfix detailed in MSKB 819995, but it had no
    effect, either.

    I'm dismayed by the following:

    1. Few users seem to monitor the Event Viewer, fewer know how to
       interpret errors, fewer detect alarm floods, and fewer still
       determine the responsible app. When someone finally notices,
       they're ignored because the problem hasn't been reported.

    2. Apparently, MS doesn't vet its apps for event log floods before
       it releases them. It also doesn't ensure that such floods are
       eliminated in upgrades (such as MSNM 5.0 -> 6.0 -> 6.1).

    regards, Andy

    -----
    Marcus Ranum's new book "The Myth of Homeland Security" is now out and
    is available from http://www.amazon.com/ranum In this hard-hitting
    review of the homeland security business, Ranum shows us how the problem
    is vastly harder than it's being made to sound, and how special
    interests, *** covering, and bureaucracy are threatening to derail any
    chance of making progress.
    -----

  • Next message: Inman, Dave: "Re: Outlook 2K and private Appointments"