Access Denied and COM Activation failure after installing Windows July 2018 Security Updates

Access Denied and COM Activation failure after installing Windows July 2018 Security Updates

Recently Microsoft rolled out the July 2018 .NET Framework Security Updates. These Security Updates caused series of errors in the BizTalk Server Administration Console, SharePoint, Internet Information Server (IIS) with classic ASP and .NET applications which use impersonation.

Related to BizTalk Server, the issue is that BizTalk server relies on a COM component, that runs with restricted permissions. This COM component may fail to start after installing the July 2018 Security Updates.

For BizTalk360 to monitor the BizTalk server, it needs that the BizTalk Server Administrator components are installed in the server. But when the BizTalk360 server is also updated with the security patches, the same errors will occur while accessing the BizTalk applications and their artifacts. Many of our customers raised support tickets to BizTalk360 support channel, as they were not aware of these issues due to the windows security patch.

How the errors occur in BizTalk360 and in BizTalk Server

The com exception will occur in BizTalk360 only after the July 2018 security patch update is installed on the servers. The issue will pop up on many occasions as mentioned below.

While accessing,

  •  BizTalk360 application 
  • BizTalk Applications and their artifacts
  • Hosts and Host Instances

Following screenshot refers, how the exception appears in BizTalk360.

access denied and com activation failure in BizTalk Server

When launching BizTalk Server, a series of errors appear from Hosts and Host Instances.

Here are the errors that occurred in the BizTalk Admin console, When trying to access the host instance

access denied and com activation failure in BizTalk Server

Root Cause of the problem

Let ’s have a look at the root cause of these issues in detail. The Microsoft .NET Framework runtime uses the process token to determine whether the process is running within an elevated security context. These system calls can fail if the required process inspection permissions are not present. This causes an “access denied” error. However, these errors might reveal themselves with other error messages, as we have seen from the screen prints earlier in this article.

A temporary workaround is discussed in this MSDN thread. The simplest workaround is to uninstall the security patch and everything will be back to normal.

Resolution

The latest patch was re-released by Microsoft on July 30, 2018. This update helps to resolve this issue. This patch has different versions applicable to your operating system and .NET Framework installed.

  • 4346877Update for Windows 10, version 1607 and Windows Server 2016: July 30, 2018
  • 4346406Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 on Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4346406): July 30, 2018
  • 4346405Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 on Windows Server 2012 (KB 4346405): July 30, 2018
  • 4346407Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 on Windows 7 SP1 and Server 2008 R2 SP1 and .NET Framework 4.6 on Server 2008 SP2 (KB 4346407): July 30, 2018
  • 4346408Update for .NET Framework 4.5.2 on Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4346408): July 30, 2018

For detailed information about latest patch release, please click this link. Microsoft had also suggested a workaround for the issue but with the following warning message:

Warning: The workarounds may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend these workarounds. However, we are providing this information so that you can implement the workarounds at your own discretion. Use these workarounds at your own risk.

Customer Feedback

We have received quite a few support tickets on this specific cases from our customers who have recently update the security patches. Because, the problem lies with BizTalk Server, It has affected the BizTalk360 as well while accessing the applications. We informed the customers about the reason for the error. The new patches are uninstalled, BizTalk360 and BizTalk Server will be back to normal. Here is a happy feedback from our most valued customers.

BizTalk360 Custom Email Templates

BizTalk360 Custom Email Templates

With this release of BizTalk360(v8.5), the user can customize email template. The earlier version of BizTalk360 only has a capability to change the color of the email body, font, logo, background, footer background etc. Most of our customer had requested to customize the email alert with more comprehensive improvements, so we have revamped the email template module with more additional functionalities to simplify and customize the email notification. This allows to create and manage custom templates for notifications.

The user can able to create a template with an in-built XSLT validator with preview options. Email template can be used in different alarms with light or dark theme, which helps to

• grab the support team’s attention to take on the relevant actions.
• choose different theme templates to indicate different business cases.
• easily identify which template belongs to which environment.

So, let’s us look how to create a template in the newer version of BizTalk360.

Creating Template

In BizTalk360, Manage Email Template can be found in the monitoring and notification section of setting side. While installing the newer version, the default template “BizTalk360 Email Template” will be used for all the existing or newly created alarm.

BizTalk360 Email Template Grid

For creating a new template, click on “NEW” icons as shown in above picture, a blade opens for providing the basic details like template name, description of the template, toggle button for making it as default template as shown in the picture below.

Custom Template Creation

In the following section, the user can edit and provide their own data like display name, email address, logo text, footer text etc.same as previous versions for a better manageability.

Email settings

Theme

Initially, BizTalk360 provides a default template “BizTalk360 Email Template” with a light elegant theme. Themes are also available in two variants light and dark. A user can able to choose light or dark theme while creating a template.

However, the earlier version of BizTalk360 email colors are chosen by selecting colors from color picker and here we came up with the idea of providing “themes” instead of simply selecting the color code for the email template.

We categorized themes into two
• Light Theme
• Dark Theme

Light Theme

Light Theme

Dark Theme

Dark Theme

We are not restricting the user to simply selecting light or dark theme, we have also provisioned to edit the themes.

Theme Settings

Under the edit theme color settings, a user can choose 6 Body BG color which represents different themes for light and dark. Once the theme is selected, “PREVIEW TEMPLATE” option is being provided to cross check the desired changes on a new blade.

Once the template is created, it will be displayed in the main grid of Manage Email Templates page.

Email Template Grid

XSLT

BizTalk360 uses XSLT (eXtensible Stylesheet Language Transformations) as a styling language for customizing the email template. The XSLT file editing option is being provided to a user for changing font family and font size. “Please do not change any logic in XSLT file, as this might corrupt the mailing functionality”. This facility is available in the edit section of each template by clicking the edit gear icon.

XSLT Edit

Once the changes are made in the XSLT file, the inbuilt XSLT validator verifies the XSLT file and allows the user to save the file after successful verification.

The “Preview Template” option is provided in edit section to make sure the desired changes have been made in XSLT file.

Alarm Configuration

In the alarm configuration section, we have customized for a user-friendliness to choose the template that has been created at the manage email module. Also, we made the notification channel to be available in the Alarm configuration page itself. We have made the email configuration optional if the notification channel is being enabled so that either one of the choices can serve the purpose.

Alarm

Conclusion

BizTalk360 already had a feature to format email template, with its latest release v8.5 it fills the gap by adding the ability to customize, create and manage template for different alarms based on user preference. Keep your mailing color codes intact with your thoughts using our customized email template feature. If you have any feedback or suggestion, please feel free to write to us at support@biztalk360.com.