A Microsoft patch meant to fix critical security flaws in Windows 2000, Windows XP and Windows Server 2003 is causing trouble for some users, the company said Friday.

The patch was released Tuesday to fix four Windows flaws, including one that experts predict will be exploited by a worm in the coming days. The flaw, tagged "critical" by Microsoft, lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator, or MSDTC.

full article

Thanks m0nty. I saw this somewhere else, but it slipped my mind. The bummer is, I just approved a batch of updates through WSUS last Friday before I heard about the problems.

Guess what... Now there are problems.

What I'd give for a proper test environment. But, you know how it is with colleges.... Shoe string budget with corporate class expectations.

the solution is pretty simple thankfully (hope so anyway)

restore the default permissions to the COM+ catalog.

1. In the %windir%/registration folder, make sure that the Everyone group has READ permissions.

2. In the %windir%/registration folder, make sure that the SYSTEM account has FULL CONTROL permissions.

3. In the %windir%/registration folder, make sure that the Administrators group has FULL CONTROL permissions.

4. In the advanced security properties of the .clb files in the %windir%/registration folder, make sure that the Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here option is selected.

5. Make sure that the Everyone group has one of the following permissions:
• Traverse permissions (“List Folder Contents”) on all parent directories, including %systemdrive%, %windir%, and %windir%\registration
• The Bypass Traverse Checking permission


Bypass Traverse Checking permission should be selected for the Everyone group.

you can roll out to multiple computers if need be by using cacls.exe