How to resolve the error "The program can't start because Qt5Widgets.dll is missing from  your computer"

2 Comments

How to resolve the error "The program can't start because Qt5Widgets.dll is missing from your computer"

This article describes how to resolve the message at Startup:

The program can't start because Qt5Widgets.dll is missing from
your computer.  Try reinstalling the program to fix this problem.

Reason for the Message

This problem may occur after removing Malware Bytes due to a run key being left behind which calls programs and DLL's which have been removed.  You can resolve this error by removing the program from the run key in the registry.


Steps to Resolve on x64 Machines

1. Open the Registry Editor with the command regedit.exe

2. Navigate to the key:

    HKLM\SOFTWARE\Wow6432\Microsoft\Windows\CurrentVersion\Run

3. Review the key and remove any items refering to Malware Bytes or the file "BusinessMessaging.exe"

Steps to Resolve on x86 Machines

1. Open the Registry Editor with the command regedit.exe

2. Navigate to the key:

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

3. Review the key and remove any items refering to Malware Bytes or the file "BusinessMessaging.exe"
 

Additional Information

BusinessMessaging.exe is a part of the Malware Bytes software and this run key may get left behind after removal of Malware Bytes.  

2 Comments

Badlock Vulnerability Report

Comment

Badlock Vulnerability Report

At Capstan Services we partner with both customers and non-customers to share news about potential threats to your computing environment.  We feel it is imperative to notify you about the release of patches for the BadLock vulnerability.  Details about this vulnerability were released on April 12, 2016 along with patches for both Microsoft Windows and the Samba project.

What is Badlock?

Badlock is a vulnerability in the Server Message Block or SMB protocol.  This is the protocol which is used by Microsoft Windows networks and certain Unix/Linux machines to share files over a network connection.   In simple terms, this the how you get to your network drives and "Drive Letters" that are not on your machine.

What is the Risk?

Capstan Services is calling the risk level High although not critical.  This vulnerability was hyped quite a bit and we believe that the hype was not quite warranted.  The risks of badlock are primarily going to be exposed only to the internal network which dramatically lowers the risk in most environments.  It should be noted that this is a good time to verify that your organization does not have any open SMB ports facing the internet.  This is a terrible practice to start with and becomes more dangerous with badlock.  

This vulnerability opens un-patched users to the following Risks:

  • Man In The Middle Attacks

A Man in the Middle attack allows an attacker to gain access to resources by standing between a user and a server.  In this case an exploit would be able to gain access to a file server and change user accounts, passwords, users rights, delete files and shut off services.  For Microsoft Active Directory environments the attacker might also be able to gain access to Active Directory features.

  • Denial of Service Attacks

A denial of service attack will allow the attacker to prevent users from accessing a server or services

How do I Remediate?

The most important first step is to verify that you do not have any SMB presence on the internet.  SMB is not an internet friendly protocol and should NEVER be available outside of your local network.  This can be verified by your Information Technology staff by checking the following:

  1. Verify that there are not any external firewall rules which allow traffic on ports 445 TCP, 137 TCP/UDP, 138 UDP or 139 TCP
  2. Verify that there are no external firewall NAT rules to any of the above ports
  3. Check to make sure that none of the above ports are open on any outside IP address

For Microsoft Windows based machines you will need to install the latest patches for each machine.  For details on the latest security bulletins please see:

https://technet.microsoft.com/en-us/security/bulletin/dn602597.aspx

For Linux & Unix  Machines running Samba you will need to install that latest patches for your version of Samba AND you must be running one of the following Samba versions:

  • 4.2.10
  • 4.2.11
  • 4.3.7
  • 4.3.8
  • 4.4.1
  • 4.4.2

You should check with the vendor of your Samba version to identify and install the appropriate patch for your Samba implementation.

What is Capstan Services doing?

If you are a Capstan Services customer we will be scheduling a time to deploy fixes in your environment.  We will be deploying patches to servers based on outage windows and you should coordinate this with your contact at Capstan Services. 

If you are a Capstan Services Managed Desktop or Worry Free Desktop customer we will deploy patches to your desktop machines on your current deployment schedule.

If you have any questions or would like to have us assist you with remediation please call us at (469) 312-8100.

More Information

For more information on the Badlock bug and detailed information on remediation please go to badlock.org.

Comment