none
FBWF Issues - Security Warnings RRS feed

  • Question

  • I've been experiencing an issue with the FBWF and am curious if anyone else has seen the same.. Or is this behavior expected?

    When I enable the FBWF on my system and reboot, I continually get the security warning message: "The publisher could not be verified. Are you sure you want to run this software?" on many executables that start up even when logging into the system. For example, even running microsoft products (An example: C:\windows\system32\calc.exe) prompts this message, and I have to hit 'Run' to get it to start. I think whatever is causing this problem is interfering with a number of services from 3rd party applications that won't start while the FBWF is enabled as well.

    I also notice that even .msc applications will not run. When I right click My Computer and select Manage, I am getting the same warning and have to hit open to proceed. This

    Again, this ONLY happens when the FBWF is enabled on the C:\. When I disable it, the system runs fine. Any ideas? I don't recall seeing these problems on WES.

    I don't know if this matters, but this image I am testing with has been captured into a WIM and restored to my device multiple times for testing purposes.

    Thursday, September 29, 2011 10:00 PM

Answers

All replies

  • Was sysprep applied before capturing the image, and these are the clones that are having the problem? Did the original master have the problem?

    -Sean


    www.sjjmicro.com / www.seanliming.com / www.annabooks.com, Book Author - ProGuide to WES 7, XP Embedded Advanced, WEPOS / POS for .NET Step-by-Step
    Friday, September 30, 2011 3:14 AM
    Moderator
  • Sean,

    Thanks for your response. I am still configuring the 'master' image, and it was switched into audit mode as soon as I finished building the image from the answer file. I am experiencing this issue on this image pre-sysprep and post-sysprep. I also checked an older image I had created before and it was also displaying this behavior.

    As a band-aid solution, I can go into gpedit.msc -> Administrative Templates -> Windows Components -> Attachment Manager and add .exe and .msc to the list for moderate risk file types. However, this possibly lowers security overall and isn't ideal. It also doesn't address the problems i'm experiencing with some services that won't start up. I'm guessing that problem is caused by the same reason, whatever that is.

    Is this behavior expected in audit mode?

    Friday, September 30, 2011 3:18 PM
  • I am just bumping this issue; I still have not found a resolution yet, and it's a pretty major problem for the project im working on.


    Are there any other avenues anyone could recommend?

     

    Thanks for any additional input,

    Thursday, October 6, 2011 5:40 PM
  • I've also been working on an embedded project and we just started enabling FBWF on an image that has been working fine for several weeks.  The only answer file changes were the FBWF component (including a few ProtectedVolumes), DisableSR, EnablePrefetcher & EnableSuperfetch; just the typical changes to enable FBWF.  Now I get the same issue you're getting, plus security message boxes about dinotify.exe as well.  If I disable the FBWF, everything works fine.  

    Is there any updates on this issue?

    Tuesday, October 18, 2011 3:03 PM
  • Our test team confirmed the issue with FBWF and this has been corrected in the next Optional updates that are currently under development. Sorry for the inconvenience.

    --- Sergey

    • Marked as answer by Cytosol Monday, October 31, 2011 7:28 PM
    Tuesday, October 18, 2011 6:23 PM
  • Finaly some good news.
    Windows Embedded Developer and Scripting Guy //Germany
    Tuesday, October 18, 2011 7:13 PM
  • Sergey, when will this Optional update be available?
    Wednesday, October 19, 2011 4:56 PM
  • You want to contact Customer Support and Services team. See the detail reply from the thread:

    http://social.msdn.microsoft.com/Forums/en-NZ/embeddedwindowseefs/thread/64e287c2-13fd-4fef-838f-0ab1c266d186

    ... I would ask any forum participant, when faced with an issue that is blocking them which cannot be resolved in the community, to create a support incident with CSS. This way, if there is no resolution, a bug can be created which includes the customer impact information. This is also a structured communication channel assuring updates on the work being done and on the decisions being made for the reported issue. ...

    ---Sergey

    Wednesday, October 19, 2011 5:47 PM
  • Thanks for following up, Sergey. I'm glad that this issue was identified and that a resolution is being worked out.

    Do you know at this time if the update could be applied to a runtime image, or does the distribution share need to be updated in order to fix this issue?

     

    Monday, October 31, 2011 7:28 PM
  • Most WES7 OS updates are provided in .msu format that can be applied to the runtime.

    ---Sergey

    Tuesday, November 15, 2011 5:13 AM
  • Hi Sergey,

    what about this issue? Optional updates is done?

     

    Regards,

    Valerio

    Monday, December 5, 2011 11:31 AM
  • The fix is not available on ECE yet. I would recommend contacting CSS in case of urgent business requirements.

    ---Sergey

    Wednesday, December 7, 2011 7:59 PM
    • Marked as answer by Cytosol Monday, March 26, 2012 5:04 PM
    Wednesday, February 22, 2012 5:08 PM
  • Fix from MS:

    http://www.microsoft.com/download/en/details.aspx?id=28759


    Stoyan Sabev


    Thanks for your help, gentlemen. I have tested this patch and it has completely resolved the issue.
    • Edited by Cytosol Monday, March 26, 2012 5:04 PM
    Monday, March 26, 2012 5:04 PM
  • Fix for 64 bit systems:

    https://download.microsoft.com/download/4/5/4/454A438D-E464-415B-AF3D-4850A65B9890/Windows6.1-KB2645895-x64.msu

    Friday, June 8, 2018 12:51 PM