EDIT – June 18th, 2011 – the below blog entry is out of date – click here for up to date information.
Step by step instructions for Windows 2000 end users that want to get up and running quickly after having installed one or both of the invalid Visual C++ security redistributables on Windows 2000:
1) go to Control Panel – Add/Remove Programs, and uninstall the following (one or both may be installed)
a) Microsoft Visual C++ 2005 Redistributable – KB2467175
b) Microsoft Visual C++ 2008 Redistributable – KB2467174 – x86 9.0.30729.5570
Important: look for entries in the add/remove programs with the exact titles above, i.e including those KB article numbers in the title of the entry, as there may be similar looking ones in there (ignore those ones)
2) Find your “Windows” folder. Usually this is at c:\windows or c:\winnt . For the purposes of these instructions, I’ll assume it’s c:\windows (replace that below with your actual Windows folder)
3) Create a folder on your desktop named WORKDIR. You’ll use this later to hold all the DLLs you’ll be copying to your system32 folder.
4) Using Windows Explorer, go to c:\windows\winsxs. Hit the search button. For “Search for files or folders named”, type in 4053, and then hit ENTER. If nothing has been found type in 762 and hit ENTER.
5) There should be 5 folders that were found (as well as various other files that should be ignored, also, ignore any folders with amd64 at the beginning of their folder names). Note there may be some debug folders in here as well, brining the folder count up to 8.
Example of folder name: x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e
6) For each of these 5 folders (or 8 if you have Debug some debug folders), do the following:
a) double click on the folder.
b) Edit – Select all (or CTRL+A)
c) Edit-Copy (or CTRL+C)
d) click on your desktop and open the WORKDIR folder you created above, and then hit Paste (or CTRL+V).
e) return to the Windows Explorer search window and click the “Back” button.
7) Repeat step (4) except search for 4148. If nothing found, search for 21022, then repeat steps 5 and 6.
8) Now your WORKDIR folder should be full of all the DLLs you will require to have copied to your C:\Windows\System32 folder. Open the WORKDIR folder on your desktop, and select all (CTRL+A) and then Edit-Copy (CTRL+C). Then navigate to your Windows\System32 folder and Paste (CTRL+V). If you receive any errors pasting (files in use) you may have to reboot and/or exclude the MSVCR* files when copying and pasting. At a minimum, you’ll need to copy at least the MFC related DLL files (files with MFC in their names)
9) Try running the problematic applications again, to make sure the problem has been fixed.
More background info:
Thanks to Martin Richter on letting me know about this one – the new VCRedists that were rolled out yesterday due to the multi-version security update breaks all dynamically linked MFC 8.0 and 9.0 (VC2005/VC2008) apps that have ever shipped and are deployed to Windows 2000. Any app that doesn’t have a local copy of MFC in their program folder is affected (due to DLL Hell in system32)
If you install them (do this on a test machine not a production machine!), run dependency walker on the updated mfc80.dll and mfc90.dll versions on Windows 2000 and see a new function being called that is not available under XP:
FindActCtxSectionStringA (or FindActCtxSectionStringW with the Unicode version)
These are the links to the broken redistributables:
A simple workaround under Windows 2000 is to copy the older versions of MFC80.DLL and MFC90.DLL (or their corresponding Unicode versions) to your program folder(s). Then your app will use those instead (remember Windows 2000 was a pre-SxS world).
To find these old DLLs is tricky – what would have been nice is that something like this would work:
(1) Uninstall redist update
(2) copy older versions from system32 to your program folder
but unfortunately, uninstalling it just leaves the new (broken ones) in system32. No way to retrieve the old ones. Or is there?????
Yes it turns out: Luckily (and luckily I remembered this from years ago), Windows 2000 still installs the DLLs to WinSxS. So the old ones are still there. So the workaround is to copy from the WinSxS folder the older version of MFC8 or 9 back to system32 or your program folder. But of course, this solution not benefitting from the security updates that are so important. So the best workaround is wait for a new version to be issued by Microsoft.
Special note for those that statically link their MFC apps: you will only be affected if you update your tools (i.e. KB2465367 for VS2005, or KB2465361 for VS2008, VS2003 may be affected as well but I don’t have time to check it – see KB2465373) and then recompile your application. Then your app will no longer run on Windows 2000. So beware of installing these tools updates if you plan on rebuilding your app and releasing it and expect it to work on Windows 2000.