A folder that is created under the root of the system drive is missing entries in its security descriptor, which may cause some application failures on the English version of Windows 7 Release Candidate 32-bit Ultimate

In the English version of Windows 7 Release Candidate (build 7100) 32-bit Ultimate, the folder that is created as the root folder of the system drive (%SystemDrive%) is missing entries in its security descriptor. One effect of this problem is that standard users such as non-administrators cannot perform all operations to subfolders that are created directly under the root. Therefore, applications that reference folders under the root may not install successfully or may not uninstall successfully. Additionally, operations or applications that reference these folders may fail.

For example, if a folder is created under the root of the system drive from an elevated command prompt, this folder will not correctly inherit permissions from the root of the drive. Therefore, some specific operations, such as deleting the folder, will fail when they are performed from a non-elevated command prompt. Additionally, the following error message appears when the operation fails:

Access is denied.

Furthermore, the missing security descriptor entries protect non-admin file operations directly under the root.

For those customers who are affected by this problem, the fix is available through Windows Update:

http://update.microsoft.com/windowsupdate (http://update.microsoft.com/windowsupdate)

The problem exists only on x86 versions of the Windows 7 Release Candidate Ultimate. Only an x86 version of the hotfix was created. This hotfix will install only on Windows 7 Release Candidate (build 7100) 32-bit Ultimate. To avoid additional offering complications, the hotfix will install on all five language versions of the program.

• The CleanWin7RCRoot.exe tool examines the full security descriptor on the root of the system drive that has the "known bad" security descriptor. The tool replaces an incorrect security descriptor with a correct one. After the security descriptor is replaced, folders that are created under the root folder of the system drive inherit the correct ACLs, and applications install successfully.

• The hotfix does not repair applications that are already installed.

• If you have changed the root security descriptor, the CleanWin7RCRoot.exe tool does not make changes to the ACL. This prevents potential application compatibility problems.

Send via e-mail | Submit to Digg | Add to Live Favorites