Registry Permission Errors when installing Microsoft Updates
There has been numerous errors for Microsoft/Windows Updates that are mostly affected by errors within the registry. All throughout the history of installing and patching updates for Windows we may infrequently bump into some corners where we can’t install some or even everything!
Most errors commonly happen when there’s an error accessing keys within the registry. Some people will find it difficult just trying to read through a log file where we can find the error being caused by the installation. Windows will often prompt or give you an error message that’s also as elusive as trying to find the failure point.
I have featured numerous error codes that within this blog that has helped most in overcoming installation errors such as error 57A, 1402, 80073712, .Net Framework, 646, FF0B, 0x80070715, 0x8004FF0B, 0x8024402C, etc., you can walk around the Crimson Spectrum blog just to see how much we have covered such errors. The most intriguing are 643 and hexadecimal ending at “5”.
In a larger perspective, Registry errors or Permission errors are due to some “lock down” on the key itself. At times, the keys could lose their specific Security Descriptor and Access Control List (ACL) Architecture – TechNet Library. Often this can be caused by improper use of Registry Cleaners that may either remove, delete or nullify access into a certain key or object that it may see as unusable. Personally, through my own tests I have seen and also used on test machines how registry cleaners can be either effective or become a catalyst to disaster. Also, a Malware infection may have added Registry permissions to certain keys to deny access to system tools or allow access for it exclusively to certain keys relevant for propagating itself and stealing information.
The method below to help you overcome Registry Permission Errors has been used for .Net Framework installation errors in the past and present but is also successful in resolving errors for installation issues of MSI (Windows Installer) based applications such is what’s being used by Microsoft/Windows Updates , more about this through Aaron Stebner’s WebLog.
I am providing a tool for download once you install SubInACL. This is my own version which will create a Restore Point before the tool executes giving you an option to revert all of the changes after the tool executes.
Download and install SubInACL, do not change the default installation path.
Download the file which is a Command Script –> Reset-ACL.cmd
Save the zipped file and extract the application inside. Once extracted “Run as Administrator”.
Before running the file, make sure that there are currently no other programs or applications running. Also, do not use the system while the script is running. This will ensure that the execution for default permissions in the Registry will go smoothly.
Note: The file may take several minutes to complete. Take heed though, this small script will reset Permission entries within the Registry. If you have any custom configurations, these may be removed and you will need to add it again i.e. User and Group settings in the Registry. For more information: Using the Command Line to Edit Multiple Subdirectory Permissions