Microsoft KB Archive/938814

= The functionality of an add-in, an ActiveX control, or a COM add-in is reduced, or the functionality is blocked after you install Office 2003 Service Pack 3 =

Article ID: 938814

Article Last Modified on 10/31/2007

-

APPLIES TO


 * Microsoft Office 2003 Service Pack 3
 * Microsoft Office Basic Edition 2003
 * Microsoft Office Professional Edition 2003
 * Microsoft Office Small Business Edition 2003
 * Microsoft Office Standard Edition 2003
 * Microsoft Office Student and Teacher Edition 2003
 * Microsoft Office Access 2003
 * Microsoft Office Excel 2003
 * Microsoft Office FrontPage 2003
 * Microsoft Office OneNote 2003
 * Microsoft Office Outlook 2003
 * Microsoft Office PowerPoint 2003
 * Microsoft Office Project Professional 2003
 * Microsoft Office Project Standard 2003
 * Microsoft Office Publisher 2003
 * Microsoft Office Visio Professional 2003
 * Microsoft Office Visio Standard 2003
 * Microsoft Office Word 2003

-



Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.

Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry



SYMPTOMS
You install Microsoft Office 2003 Service Pack 3 (SP3). When you start an Office 2003 program, the functionality of an add-in, an ActiveX control, or a COM add-in is reduced. Or, the functionality is blocked in some scenarios.



CAUSE
The behavior of add-ins, ActiveX controls, and COM add-ins was changed in some scenarios in Office 2003 SP3 to improve the security of Office 2003 files.

Office 2003 SP3 performs a test for poorly written COM components that use the QueryInterface method when an Office 2003 program is started. Most COM components will pass the test successfully. However, if a COM component fails the test, the functionality of some add-ins, ActiveX controls, or COM add-ins may be reduced. Or, the functionality may be blocked. The COM components may fail the test in scenarios in which the component provides an incorrect response to the QueryInterface method.

To determine whether the behavior that you experience is because of this change in Office 2003 SP3, follow these steps:
 * 1) Start the Event Viewer. To do this, click Start, click Run, type eventvwr.exe in the Open box, and then click OK.
 * 2) Click Application.
 * 3) Click the Event column heading to sort by event ID number.
 * 4) Determine whether event ID 21296 occurred. If you locate event ID 21296, right-click the event, and then click Properties.
 * 5) Determine the following information about the offending COM component if it is present:
 * 6) * Class identifier (CLSID)
 * 7) * Module name
 * 8) * Module version



RESOLUTION
To resolve this behavior in Office 2003 SP3, contact the provider of the add-in, the ActiveX control, or the COM add-in. The component provider should update the component so that implementations of the QueryInterface method return only interface pointers for interfaces that are implemented by the component.



WORKAROUND
Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To work around this behavior in Office 2003 SP3 when a policy is used, an administrator can disable the feature completely. Or, an administrator can disable the feature for a specific CLSID.

To do this in the registry, use one of the following methods.

Note The values that are set in the following methods may affect other versions of Microsoft Office that are installed on the computer.

Method 1: Disable this feature completely
 Exit all Office 2003 programs. Click Start, click Run, type regedit in the Open box, and then click OK. Locate and then click one of the following registry subkeys:

 

 

Note If the policy value exists, the value in the  subkey is used. If the policy value does not exist in the registry, the value in the  subkey is checked. Additionally, the value is used if it is present. After you click the subkey that is specified in step 3, point to New on the Edit menu, and then click DWORD Value. Type CLSIDInterfaceTest, and then press ENTER. Right-click CLSIDInterfaceTest, and then click Modify.</li> In the Value data box, type 1, and then click OK.</li> On the File menu, click Exit to exit Registry Editor.</li></ol>

Method 2: Disable this feature for a specific CLSID
<ol> Exit all Office 2003 programs.</li> Click Start, click Run, type regedit in the Open box, and then click OK.</li> Locate and then click the following registry subkey:

 

</li> After you click the subkey that is specified in step 3, point to New on the Edit menu, and then click DWORD Value.</li> Type InsecureQI, and then press ENTER.</li> Right-click InsecureQI, and then click Modify.</li> In the Value data box, type one of the following values, and then click OK: <ul>  0 : This is the default value. This value performs the test on the CLSID and then releases the random nonexistent interface when the test is complete.</li>  1 : This value will not perform the test on the CLSID.</li>  2 : This value will not perform the test on the CLSID.</li>  3 : This value will not perform the test on the CLSID. Additionally, this value does not release the random nonexistent interface. Office programs may act as if the test on the CLSID failed without actually performing the test.</li></ul> </li> On the File menu, click Exit to exit Registry Editor.</li></ol>

<div class="moreinformation_section">

MORE INFORMATION
For more information about CLSID, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/ms691424.aspx

For more information about how to obtain the latest Office 2003 service pack, click the following article number to view the article in the Microsoft Knowledge Base:

870924 How to obtain the latest service pack for Office 2003

Additional query words: office2003 office2k3 office11 off2003 off2k3 off11 access2003 access2k3 access11 acc2003 acc2k3 acc11 excel2003 excel2k3 excel11 xl2003 xl2k3 xl11 frontpage2003 frontpage2k3 frontpage11 fp2003 fp2k3 fp11 onenote2003 onenote2k3 onenote11 on2003 on2k3 on11 outlook2003 outlook2k3 outlook11 ol2003 ol2k3 ol11 powerpoint2003 powerpoint2k3 powerpoint11 ppt2003 ppt2k3 ppt11 project2003 project2k3 project11 prj2003 prj2k3 prj11 publisher2003 publisher2k3 publisher11 pub2003 pub2k3 pub11 visio2003 visio2k3 visio11 vso2003 vso2k3 vso11 word2003 word2k3 word11 wd2003 wd2k3 wd11

Keywords: kbtshoot kbaddin kbprb kbcominterop kbpubtypekc kbupdateissue kbexpertisebeginner KB938814

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.