This content has been marked as final. Show 5 replies
Hi, Tech Writer,
Yes, the same Microsoft security update that blocks the contents of .chm files stored on a network drive also blocks the contents of downloaded .chm files — but the methods used to overcome the security restrictions differ in each case.
As far as downloaded .chm files are concerned, I'm pretty sure that there are no workarounds beyond those described in Microsoft Knowledge Base article 902225.
I think SharePoint allows you to use UNC paths in links to files. If that's the case, you could put your .chm files on a shared network drive, use UNC paths in the links to the files, and then make the required registry changes on the users' machines through your .reg file.
Thanks for the info.
What's confusing to us (as described in my other thread on a related topic), is that we are finding a file named HTMLhelp.reg that seems to be appearing on some of our new computers without anyone installing or modifying it.
Having the file allows you to view from a network folder, and we are completely baffled on how it's showing up on our new Vista computers given the security update you mentioned. These are new Vista machines straight from Dell, and as far as I know none of the "prep" work our staff does to them before we get them would create this file, or otherwise modify the security update, as they relate to this issue.
I don't think Dell or Microsoft would ever ship this .reg file with their products, as to do so could compromise the security of any PC in which it is used. So the most likely explanation is that the .reg file was created in-house and either rolled out across your network via Group Policy or else included in the disk images for new PCs.
If the .reg file uses the UrlAllowList registry value to unblock .chm files stored in specific network folders, this would confirm that the file was created in-house. On the other hand, if the file just uses the MaxAllowedZone value to unblock files in a security zone, such as the Local Intranet or Internet zone, then it could have come from anywhere.
It sounds like a variant of a file that EC Software provided and is part of the article about 896358 on my site. As Pete says, I cannot conceive f any PC manufacturer shipping it.
There seems to be some confusion with your seeing the .reg file and making the association about it working by being present. Pete basically said what I'm about to say, but said it in a different way. In the hopes of dispelling some of the confusion that seems to be here, I'll offer a slightly different explanation.
Files with the .reg extension are normally used to infuse one or more entries into the Windows registry. This is done by executing the file as you would an application. The file is present because someone copied it there for the purpose of modifying the Windows registry in order to make the help work on that PC. The file was placed there, as Pete explained earlier, then it was executed to update the registry. Whomever placed it there just didn't go the extra step of deleting the file when they were finished. So the fact you are seeing the file is indicative that the hack has been used and applied and this is why help is working on those PCs. So if you have PCs where the help is NOT working, you would need to copy that .reg file to the problem PCs and run it. (it's not sufficient to simply have the file being present, as you seem to be concluding)