| Event Id | 512 |
| Source | CryptSvc |
| Description | The Cryptographic Services service failed to initialize the VSS backup "System Writer" object. |
| Event Information | According to Microsoft: CAUSE: This problem can occur if any COM applications or COM+ applications cannot access the COM+ catalog files. The application cannot access the COM+ catalog files because the default permissions on the COM+ catalog directory and files have been changed from the default settings. Before Microsoft Security Bulletin MS05-051, explicit permissions to the COM+ catalog were not required. The COM+ catalog files are .clb files and are located in the %windir%\registration folder. RESOLUTION: Based on security changes implemented in MS05-051, Read level NTFS file system permission is required to the %windir%\registration folder. Default permissions include Read access for the Everyone group. If this configuration is changed, applications and services may exhibit unexpected behavior. Organizations that have chosen to implement more restrictive NTFS security permissions should consider granting Read level permissions through group membership for users, applications, and services that require access to COM functionality. We recommend that the default settings for the folder be used to avoid potential application compatibility. Extensive application compatibility testing is recommended for administrators who want to implement settings other than the default settings. |
| Reference Links | Systems that have changed the default Access Control List permissions |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.