locked
MSXML4 DLLs still are in the c:\windows\sysWOW64\ RRS feed

  • Question

  • Security SCAN said "The remote Windows host contains unsupported XML parsers.".

    I remove with package add/remove all the version of MSXML version 4.

    But the DLL still show up in the scan.

    The MSXML4 DLL are all through the registry.

    Any suggestions.

    Wednesday, March 11, 2015 7:42 PM

All replies

  • What problem do you really solve? Are there any problem with server function? What operating do you have?

    You can check version of MSXML components and find which role of application has brought it. Also read MS support articles. Chances are that you have had outdated version and proper update can solve the problem.

    Generally it is more useful to ask before removing something... Check product lifecycle for MSXML.

    Regards

    Milos

    Wednesday, March 11, 2015 9:47 PM
  • MSXML 4 is not supported by Microsoft.  To the Security Scanning tools it is vulerable.  Reading all the post I could find.  It was installed by eariler version SQL. 
    Thursday, March 12, 2015 12:47 PM
  • Hi TGCG,

    If you are warring about the remote server security, you can refer the following article to determine which process is using the DLL.

    How to find out which process is locking a DLL

    http://blogs.msdn.com/b/winclient/archive/2004/07/08/177947.aspx

    More information:

    List of Microsoft XML parser (MSXML) versions

    http://support.microsoft.com/en-us/kb/269238

    I’m glad to be of help to you!


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Friday, March 13, 2015 5:39 AM
  • I ran the task list and none of the dll were lock.
    Friday, March 13, 2015 4:00 PM
  • Just renaming the files will resolve the issue, plus you can reverse it if you run into any issues.  I have script to change msxml, msxml2, and msxml4.dll to .old.

    https://gallery.technet.microsoft.com/Remove-MSXML-Vulnerability-5d830664?redir=0

    Saturday, April 22, 2017 1:54 AM