KB4022726 breaks windows search query over OleDb

Question

We are using windows search to search for document on a remote share, after applying security update KB4022726 this functionality breaks.

Our implementation is using oledb connector for windows search in C#

Are there any workarounds besides uninstalling KB4022726?

Update: CVE-2017-8543 might be related.

Sample program - that failes efter install of KB4022726

using System;
using System.Data.OleDb;

namespace windowssearchtest
{
  class Program
  {
    static void Main(string[] args)
    {
      var computer = "searchserver";
      var filepath = @"documents";

      var query = $@"
Select System.Itemname
FROM {computer}.systemindex 
WHERE SCOPE='file:\\{computer}\{filepath}'";

      const string ConnectionString = "Provider=Search.CollatorDSO;Extended Properties=\"Application=Windows\"";

      OleDbDataReader myDataReader = null;
      OleDbConnection myOleDbConnection = new OleDbConnection(ConnectionString);
      OleDbCommand myOleDbCommand = new OleDbCommand(query, myOleDbConnection);
      myOleDbCommand.CommandTimeout = 180;

      try
      {
        myOleDbConnection.Open();
        myDataReader = myOleDbCommand.ExecuteReader();
        if (myDataReader != null && myDataReader.HasRows)
        {
          Console.WriteLine($"HasRows: {myDataReader.HasRows}");
          while (myDataReader.Read())
          {
          }
        }
      }
      catch (Exception e)
      {
        Console.WriteLine(e.ToString());
      }
    }
  }
}

Error:

System.Data.OleDb.OleDbException (0x80004005): Uspecificeret fejl
ved System.Data.OleDb.OleDbDataReader.ProcessResults(OleDbHResult hr) ved System.Data.OleDb.OleDbDataReader.GetRowHandles() ved System.Data.OleDb.OleDbDataReader.ReadRowset() ved System.Data.OleDb.OleDbDataReader.Read() ved windowssearchtest.Program.Main(String[] args) i C:\projects_local\windowssearchtest\windowssearchtest\Program.cs:linje 48

Update 2017-06-26 I have also reproduced this error on a local machine running win10 - 1703 Windows search still works, but will throw an error when you reach the end of the resultset, or if empty on .ExecuteReader()

We made a hack to work around this, i will not recommend this:

//pseudo code
while (Wrap(myDataReader))
<snip>
function Wrap(myDataReader)
{
  try
  {
    return myDataReader.Read();
  }
  catch (ex)
  {
   if(ex.HResult == -2147467259) return false; //0x80004005
   throw;
  }
}

Given that KB4022726 is a rollup package that potentially includes over 100 individual updates (depending on how patched your machine is), I think it's fair to say more information is necessary. Such as the actual code, and the exact fashion in which things break. — Jeroen Mostert, Jun 19 '17 at 17:41
other with same problem: https://social.msdn.microsoft.com/Forums/en-US/fe75627c-3fda-4e69-bc93-07d64664c22a/unable-to-query-windows-search-index-via-oledb-connector-after-installing-201706-monthly-rollup?forum=adodotnetdataproviders — Nickolai Nielsen, Jun 20 '17 at 08:40
This affects local machine queries also, not just remote, I have yet to find a workaround, or a specific response from Microsoft. Local error IErrorInfo.GetDescription failed with E_FAIL(0x80004005). — Bruce Burge, Jun 26 '17 at 19:24
@BruceBurge we have an open support incident with Microsoft on the issue, they are still investigating. Se my update for a crude workaround — Nickolai Nielsen, Jun 26 '17 at 19:45
@NickolaiNielsen This is fantastic, please post if Microsoft gives you a response! — Bruce Burge, Jun 27 '17 at 12:37
@NickolaiNielsen have you noticed that this method seems to be now restricted as to where it will work, for instance it will return results when searching a directory on the desktop, but will throw an exception if you copy that same directory to a folder in appdatalocal ? — Bruce Burge, Jun 27 '17 at 14:42
@NickolaiNielsen Disregard, I ended reseting my indexing, while trying another suggested fix, and didn't realize appdata was restored to an exclusion. — Bruce Burge, Jun 27 '17 at 15:10
I can confirm KB4022726 breaks OLEDB functionality and KB4022720 resolves issue. — Jason Campbell, Jun 28 '17 at 23:35

score 2 · Accepted Answer · answered Jun 28 '17 at 01:00

2

It looks like the issue has been fixed in the latest Optional Updates from MS:

Win7, Server 2008: https://support.microsoft.com/en-us/help/4022168/windows-7-sp1-windows-server-2008-r2-sp1-update-kb4022168

Win 8.1, Server 2012: https://support.microsoft.com/en-us/help/4022720/windows-8-1-windows-server-2012-r2-update-kb4022720

Have installed these updates on my test servers (2008, 2012) and not getting that error now!

answered Jun 28 '17 at 01:00

Dmitry Nikulin

36
1

That was my hope that they would, outlook did also have search problems with the update. I will verify if it resolves our problems later today. – Nickolai Nielsen Jun 28 '17 at 04:03

KB4022726 breaks windows search query over OleDb

1 Answers1