Microsoft Security Bulletin MS12-060, released August 14, 2012, (update to MS12-027) re-introduces the problem executing VBA scripts within Bentley Structural Modeler XM & V8i, Bentley Structural Modeler XM & V8i and AECOsim Building Designer V8i original cause by applying MS12-027 security update. The issue may also be present in other Bentley applications that use VBA scripts.
WARNING – Microsoft Security Bulletin MS12-060 (update to MS12-027) disables VBA Scripts (released 08-14-2012)
Symptoms:
The symptoms that you have been affected by Microsoft Security Bulletin MS12-060 update or the original MS12-027 is you may receive one of several variation of a VBA error, in the message center of Bentley Structural Modeler XM & V8i, Bentley Structural Modeler XM & V8i, AECOsim Building Designer V8i or other Bentley applications. Error messages include but are not limited to:
VBA interface error: unable to run macro - invalid procedure name (error when placing Structural joist girder / bar joist / analysis Import/export)VBA interface error: unable to run macro - 0x80040552 (error when placing Structural steel truss)Cannot run VBA modulePlacement of Mechanical Content does not display any graphics (in dynamics) after the initial placement point.Object library invalid or contains references to object definitions that could not be foundElement not foundCannot insert objectTo verify the issue is the result of Microsoft Security Bulletin MS12-060 or MS12-027, please review the Microsoft Updates applied to your computer and determine whether any of the corresponding Service Packs lists either Microsoft Security Bulletin MS12-060 Critical or Microsoft Security Bulletin MS12-027 - Critical were recently applied.
The following are the most commonly applied Service Packs that can cause the reported issue with VBA scripts within Bentley Application
Microsoft Office Suites and Software
Microsoft Office 2003 Service Pack 3 - (Windows common controls)(KB2597112)Microsoft Office 2003 Web Components Service Pack 3 - (Windows common controls)( KB2687323)Microsoft Office 2007 Service Pack 2 - (Windows common controls)( KB2687441)Microsoft Office 2007 Service Pack 3 - (Windows common controls)( KB2687441)Microsoft Office 2010 Service Pack 1 (32-bit editions) - (Windows common controls)(KB2597986)For a complete list of Service Packs or Updates that are associated with the Microsoft Security Bulletin MS12-060, please reference http://technet.microsoft.com/en-us/security/bulletin/ms12-060
Cause:
Microsoft Security Bulletin MS12-060 - CriticalVulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)
This security update resolves a privately reported vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability. In all cases, however, an attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The malicious file could be sent as an email attachment as well, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.
Resolution:
Please reference the following Microsoft Support Article (Article ID: 2703186) for the resolution to this issue:
MS12-060: Description of the security update for Office 2010: August 14, 2012MS12-060: Description of the security update for 2007 Office system: August 14, 2012MS12-060: Description of the security update for Office 2003 and Office 2003 Web Components: August 14, 2012To resolve the issue, you must run the “Fix It” option in Microsoft article.
Solution 2
1) Type "cmd.exe" in the Windows Start Menu > "Search" field, then right-click on the command and choose "Run as Administrator" to open an Administrator level Command Prompt.2) Type "del c:\*.exd /s", without the quotes3) Download the Microsoft Visual Basic 6.0 Service Pack 6 Cumulative Update, available here: http://www.microsoft.com/en-us/download/details.aspx?id=7030.4) Open the downloaded VB60SP6-KB2641426-x86-ENU.msi file in your compression software of choice, such as 7Zip, and extract the "product.cab" file.5) Open the product.cab file with your compression software and extract the files "mscomctl.ocx" and "mscomct2.ocx".6) Copy mscomctl.ocx and mscomct2.ocx to C:\Windows\System32, overwriting any other existing versions. NOTE: If you are running a 64bit OS and do not have these two files in the C:\Windows\System32 folder, check under the C:\Windows\SysWOW64 folder instead.7) Return to your Command Prompt window and register both *.ocx files using the regsvr32 command.8) Restart AECOsim Building Designer or Bentley Building Mechanical Systems.
Solution 3
Note: Uninstalling any of the applied Microsoft Security Updates will not correct the problem nor does Bentley recommend not uninstalling any Microsoft security updates. The MSCOMCTL.OCX will need to re-registered. To re-register the MSCOMCTL.OCX on Window 7– 64bit:
1. Open the Start Menu.2. In the white line (Start Search) area, type cmd to initiate the command prompt3. Right click on cmd (at top), and click on Run as administrator.4. Click on Continue in the UAC prompt.5. Change your source directory to “c:\windows\SysWow64” by typing cd c:\windows\SysWow646. Type regsvr32 MSCOMCTL.OCXTo re-register the MSCOMCTL.OCX on Window XP/7– 32bit:1. Open the Start Menu.2. In the white line (Start Search) area, type cmd to initiate the command prompt3. Right click on cmd (at top), and click on Run as administrator.4. Click on Continue in the UAC prompt.5. Change your source directory to “c:\windows\System32” by typing cd c:\windows\System326. Type regsvr32 MSCOMCTL.OCX
Or download the attached file and rename the extension from .txt to .bat and right-click and click on Run as administrator
Product TechNotes and FAQs
Bentley Technical Support KnowledgeBase
Bentley LEARN Server
Bentley's Technical Support Group requests that you please confine any comments you have on this Wiki entry to this " Comments or Corrections?" section. THANK YOU!