Cause of the problem
The Hhctrl.ocx file that is included in security update 928843 and the User32.dll file that is included in security update 925902 have conflicting base addresses. This problem occurs if a program loads the Hhctrl.ocx file before the program loads the User32.dll file. Microsoft has confirmed that this problem affects the following third-party applications.
| Program | Version | Manufacturer |
| Realtek HD Audio Control Panel | 1.41, 1.45, 1.49, 1.57 | Realtek Semiconductor Corporation |
| ElsterFormular | 2006, 2007 | Elster |
| TUGZip | 3.4 | Christian Kindahl |
| CD-Tag | 2.27 | Claremont Software |
| Suunto Ski Manager | 1.0.2, 1.1, 1.2 | Suunto |
| BMC PATROL | 7.1 | BMC Software, Inc |
- If you receive a similar message when you use another program, install the update that is mentioned in this article. If we confirm that other programs are affected by this problem, we will update this article with more information.
- This problem does not occur with version 1.64 of the Realtek HD Audio Control Panel.
Update deployment information
To resolve this problem, use one of the following methods, as appropriate for your situation.
Important Windows Update and Microsoft Update only detect the affected versions of Realtek HD Audio Control Panel, ElsterFormular, TUGZip, and CD-Tag. However, other programs are affected by this problem. Therefore, if update 935448 is not installed on the computer by using Method 1 or by using Windows Server Update Services (WSUS) in Method 2, use Method 3.
Method 1: Install update 935448 by using Automatic Updates or by using Microsoft UpdateTo use Microsoft Update, visit the following Microsoft Web site:
Method 2: Deploy update 935448 in an enterprise by using Windows Server Update Services (WSUS) or Microsoft Systems Management Server (SMS)IT professionals can use WSUS or SMS to deploy this update in an enterprise. For more information about WSUS or SMS, visit the following Microsoft Web sites:
Method 3: Install update 935448 from the Microsoft Download CenterThe following file is available for download from the Microsoft Download Center:
Download the 935448 package now.Release Date: April 3, 2007
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
Known issuesSecurity update 928843 (MS07-008) and update 935448 contain Hhctrl.ocx files that have the same version number. If you install security update 928843 (MS07-008) after you install update 935448, you must reinstall update 935448.
Prerequisites To apply this hotfix, you must have Windows XP Service Pack 2 (SP2) installed on the computer.
Installation informationTo install this update without requiring any user intervention and without restarting the computer, administrators can use the following command:
WindowsXP-KB935448-x86-ENU /quiet /norestart
Note Restart the computer, and then verify that the installation was successful if you use the
/quiet or the
/restart switches. You should also review the KB935448.log file for information about any errors that occur when you use the
/quiet switch.
For more information about the setup switches that are supported by this update, click the following article number to view the article in the Microsoft Knowledge Base:
262841 Command-line switches for Windows software update packages
Restart information You may have to restart the computer after you apply this update.File informationThe English version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.For Service branch SP2GDR| File name | Hhctrl.ocx |
| File version | 5.2.3790.2847 |
| File size | 546,304 |
| Date (UTC) | 02-Apr-2007 |
| Time (UTC) | 05:58 |
| Service branch | SP2GDR |
|
| File name | Hhctrl.ocx |
| File version | 5.2.3790.2847 |
| File size | 546,304 |
| Date (UTC) | 02-Apr-2007 |
| Time (UTC) | 05:53 |
| Service branch | SP2QFE |
|
When you install this update, the installer checks whether one or more of the files that are being updated on the system have previously been updated by a Microsoft hotfix. If you have previously installed a hotfix to update one of these files, the installer copies the SP2QFE files to your computer. Otherwise, the installer copies the SP2GDR file to your computer.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
824994 Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages
Verify that the update is installedTo verify that this update is installed, use the following methods:
- Method 1: Compare the version of the file that is installed on your computer to the version that is documented in the "File information" section.
- Method 2: Verify the files that this update installed by reviewing the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB935448\Filelist
Note This registry subkey may not contain a complete list of the installed files. Also, this registry subkey may not be created correctly if an administrator or an OEM integrates or slipstreams the update into the Windows installation source files.
Removal informationTo remove this security update, use the
Add or Remove Programs item in Control Panel. Administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the following folder:
%windir%\$NTUninstallKB935448$\Spuninst
To remove this update without requiring any user intervention and without restarting the computer, administrators can use the following command:
%windir%\$NTUninstallKB935448$\Spuninst\Spuninst.exe /quiet /norestart
Status of the problem
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.References
For more information about security update 925902 (MS07-017) and security update 928843 (MS07-008), click the following article numbers to view the articles in the Microsoft Knowledge Base:
928843 MS07-008: A vulnerability in the HTML Help ActiveX control could allow remote code execution
925902 MS07-017: A vulnerability in GDI could allow remote code execution
For more information about the command-line switches for Windows software update packages, click the following article number to view the article in the Microsoft Knowledge Base:
262841 Command-line switches for Windows software update packages
For more information about the terms that are used to describe software updates, click the following article number to view the article in the Microsoft Knowledge Base:824684 Description of the standard terminology that is used to describe Microsoft software updates
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.