Not long ago, Microsoft Printer Metadata Troubleshooter Tool was rolled out with KB5034510 intended to resolve issues with printer icons and the installed HP Smart app caused by updates. Unfortunately, the tool does not work under RDS 2016 and kicks access denied issue with error 0x80070005. The developers have made several messes when creating the tool.
Users noticed that HP Smart printer app was installed on their Windows 11 and Windows 10 PCs for no reason irrespective of manufacturers in late November. This issue renamed all the printers HP LaserJet M101-M106 and replaced the printers’ icons also. A tool has been released to deal with this bug. This tool allows administrators to resolve the problem by removing the HP Smart printer app and reverting printer entries.
Table of Contents
Microsoft Printer Metadata Troubleshooter Tool 0x80070005
Here is how to fix Microsoft Printer Metadata Troubleshooter Tool error 0x80070005 in Windows 11/10:
Fixes are required from the developers’ side
Several users are facing Microsoft Printer Metadata Troubleshooter Tool error 0x80070005 on RDS 2016 (Remote Desktop Services on Windows Server 2016.
The error code refers to ERROR_ACCESS_DENIED, so the tool has permission to modify the metadata only and not write to any target. Sadly, it needs this access to an object belonging to the TrustedInstaller which is failing.
However, the programs can bypass this error in their write processes by activating the Backup and Restore privileges. Using these privileges, the process can write to the resource (the violation of access rights is then ignored).
KB5034510 Microsoft Printer Metadata Troubleshooter Tool rolled out
So, this is important to know that the error can be fixed only from the developer side and not the user side. Let’s explain what are the loopholes in the Microsoft Printer Metadata Troubleshooter Tool:
Loopholes in the Microsoft Printer Metadata Troubleshooter Tool
Permissions are messy
KB5034510 itself illustrated various restrictions specified there; for example, the tool must be opened with Administrator: command prompt. Developers also provide options for running the tool via scheduled tasks with appropriate permissions.
They have created an unnecessary hurdle here because an executable program contains a so-called manifest file in the .exe file, which determines how it is to be executed. Microsoft’s developers have specified this in the manifest:
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
In order to follow the Microsoft standard specifications for programs that are to be executed with standard privileges they could also have confined “requireAdministrator” as the level. This would result in an app requesting the required administrator privileges from the user via the user account control at startup.
Space for DLL hijacking
Furthermore, Microsoft neglected to mention that the directory for running the PrintMetadataTroubleshooterX64.exe program should never be the temp directory or the download directory of the user account.
Rather, a separate directory should be created to which only an administrator may write. The directory must be evacuated before the file PrintMetadataTroubleshooterX64.exe is copied there.
This would ensure the administrator that when the PrintMetadataTroubleshooterX64.exe program file is called up, nothing is executed in the program folder as by-catch.
Some researches from users indicate that the application could execute the WINSPOOL.drv file if it is located in the program directory. This would invite the intruders to DLL hijacking, as a non-privileged attacker could write malware files with this name to the Temp or Downloads program folder. When PrintMetadataTroubleshooterX64.exe is called, the malware files in question would be returned or executed with administrator or system privileges.
When running an experiment with PrintMetadataTroubleshooterX64.exe something is manipulated despite the folder being otherwise empty.
On creating an empty WINSPOOL.drv file as a test, PrintMetadataTroubleshooterX64.exe should continue to run without any problems if the developers have professionally implemented the tool, along with security guidelines.
Instead, PrintMetadataTroubleshooterX64.exe displays the error Invalid image and states that WINSPOOL.drv file is not intended for Windows execution or contains an error.
The experts from Redmond disclose that PrintMetadataTroubleshooterX64.exe does not specify where dependent files are to be loaded, but uses the search defaults from Windows for loading (contrary to Microsoft’s own programming specifications). Consequently, the files with the relevant name are chosen from the program’s own directory.
If malware succeeds in reaching the temp or download folder with such files and the PrintMetadataTroubleshooterX64.exe file is executed there using an administrative command prompt, the tool will load the malware and execute it with administrator privileges.
Let’s see whether Microsoft takes notice of these loopholes and if they take, when these are corrected. So nothing remains for us to fix Microsoft Printer Metadata Troubleshooter Tool error 0x80070005 as of now.
Source: Borncity.
Methods:
Fixes are required from the developers’ side
Loopholes in the Microsoft Printer Metadata Troubleshooter Tool
That’s all!!