Wednesday, March 30, 2011

Office and Outlook Corrupt Installations - Missing Files

Every so often we must upgrade our Office or Outlook products to the latest and greatest version, or uninstall a product we no longer use because we've switched over to a new solution. Sometimes when we go to remove, repair or upgrade Microsoft Outlook or Office we run into a snag where the system tells us it cannot complete the function without the missing file known as SKU011.CAB, because it cannot be found.

The dialogue window which opens can be misleading, telling us we need to place the installation source disc in the machine and browse to where the missing file is located. If you are like some small to medium-sized businesses which have just recently gotten around to focusing on updating your software products, you may find that the original discs have gone missing, or the IT personnel you used when the business was a fresh start have disappeared or are no longer the same folks you use to perform your technology duties, and the software actually was with them.

In the case above, there is actually a simple and easy way to work around this issue by modifying the Windows registry. This corrupt installation issue is actually due to a value in the registry not being "0".

Now, before attempting to modify any registry data, check to see if you have staff comfortable doing this task as it can wreck your Windows profile if changes are made in error or if items are deleted by accident. Windows registry is no joke, it is literally a database of all the different components which Windows uses to function properly. Check to see if you have an assigned IT person, and if not, backup your registry before modifying any registry keys.


To backup Windows registry is a very simple matter which takes only a minute or two. Any time you need to edit the registry, you go to Start > Run, and in the dialogue box type "regedit" (without the quotation marks), and press Enter.

  1. Open the Registry Editor by clicking the Start button Picture of the Start button, typing regedit into the Search box, and then pressing ENTER. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

  2. Locate and click the key or subkey that you want to back up.

  3. Click the File menu, and then click Export.

  4. In the Save in box, select the location where you want to save the backup copy, and then type a name for the backup file in the File name box.

  5. Click Save.

  • Although you can back up more than the registry key or subkey that you are modifying, doing so adds to the size of the backup file.

  • Before editing the registry, it's a good idea to create a restore point using System Restore. The restore point contains information about the registry, and you can use the restore point to undo changes to your system. For more information, search Help and Support for "System Restore."

Fixing The Irritating Missing File Issue:

1. Click on your Start menu and select “Run…”

2. Once the dialogue box appears, type in 'regedit' and click “OK”

3. In the left tree structure, navigate to HKEY_LOCAL_MACHINE -> Software->Microsoft -> Office -> 11.0 -> Delivery.

4. There should be one entry under Delivery folder (e.g. {91E30409-6000-11D3-8CFE-0150048383C9} ), select that directory. (Don't select any other directory but this one, as this is specific to the issue shown at the top! If you cannot find it or are unsure, consult an IT professional!)

5. On the right side of the window, right-click on CDCache and select the first menu item ‘Modify’.

6. An ‘Edit String’ dialogue box will appear on your screen. Make sure to note the current value in this box incase you want to revert the changes that you have made. Change the value in the ‘Value Data:’ field to 0 and click ‘OK’. Once this is done, your registry will have been updated.

7. This completes the necessary changes that need to be made in order to fix the error message that appears in figure 1. Now that you are done, close all the windows that you opened and restart your Microsoft Office product.

An excellent resource for screenshots so that you may follow the steps visually can be found here at

Now you should be able to add/remove, change, repair or upgrade the Office product without that nasty error popping up.

Again, make sure you or someone in your office is comfortable backing up and modifying the registry data, it could save you much time and frustration going forward!

Tuesday, March 1, 2011

Clickjacking on Facebook

Another week is here with another means for scammers to utiliize Facebook's user-interactive malady, the "Like" button. Apparently, Facebook rightly seems to consider having to confirm that you "Like" something a little time-consuming. Due to this, it is a prime candidate for scammers to use for their ill-intent.

Lots of people follow celebrity goings-on and are excited when they think they're being directed via a Facebook fan-page to a rare video clip or photo which wasn't published through the normal, official channels. Because of this, misuse of such false links has become viral.

As explained in the following article by Sophos, a user can more easily protect themselves by installing the "NoScript" add-on for Firefox and the similar "NotScripts" for Google's Chrome browser. This allows you to choose when and where you want scripts to run so if you catch yourself on a page which looks a bit not what you expected when you clicked the link to take you there, it is already blocking scripting until you give it the OK.

- Matthew Siers


From Sophos' Naked Security: News. Opinion. Advice. Research

Lost all respect for Emma Watson? Facebook clickjacking attack spreads virally

RSS logoHi there! If you're new here, you might want to subscribe to the RSS feed for updates. X

Filed Under: Featured, Social networks, Spam

Emma Watson, the actress who plays the part of Hermione Granger in the Harry Potter movies, has found herself the subject of a clickjacking scam on Facebook.

Users of the social network have seen messages posted by their online friends claiming to have lost all respect for Emma Watson, after watching a video starring the young actress.

Emma Watson message on Facebook

I lost all respect for Emma Watson when I seen this video! Outrageous!

If you're curious enough to click on the link, your browser will be taken to a webpage which pretends to be a YouTube-style video site called FbVideo.

Emma Watson clickjacking page

If you've got this far, you'll probably be tempted to click to view the video. However, like the many clickjacking attacks we saw on Facebook last year, you will be invisibly clicking on a "Like" button without your knowledge, sharing the link further with your friends.

The page is designed to display a survey scam, which both earns money for the scammers and can trick you into handing over your mobile phone number to sign you up for a premium rate SMS service.

You can protect yourself from clickjacking threats like this by using browser plugins such as NoScript for Firefox.

But wouldn't it be great if Facebook required users to confirm that they wished to "Like" a webpage? That would make scams like have a harder time spreading virally via the social network.

By the way, other versions of the scam are using the names of Miley Cyrus.

Miley Cyrus Facebook message

If you find you have accidentally "Liked" an offending webpage, remove references to it from your wall and check your profile settings.

As Chet pointed out with a similarly-themed Justin Bieber clickjacking scam on Facebook, it can also make sense to logout from Facebook when you are not actively using it to reduce the chances of you being tricked into "Liking" things you don't really like.

If you're a Facebook user and want to keep up on the latest threats and security news why don't you join the Sophos Facebook page?

You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.

About the author

Graham Cluley is senior technology consultant at Sophos. In both 2009 and 2010, the readers of Computer Weekly voted him security blogger of the year and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which is very cool. His awards cabinet bulging, he was voted "Best Security Blogger" by the readers of SC Magazine in 2011. You can contact Graham at, or for daily updates follow him on Twitter at @gcluley.