[German]Windows users depending on old CHM help file format are running into a serious issue after installing May 2018 update. Windows (from Windows 7 up to Windows 10) blocks viewing these files, if they are located on network shares. Here are a few details.
A user query
I need to confess, I wasn’t aware of this issue, because I am not using CHM help files frequently. A German blog reader, however, send me a mail that drew my attention to the topic.
I work for the company xyz …., and we provide the help to our customers once as manual (PDF) and once as online help (*.chm files à F1 key à appropriate help topic).
Unfortunately, customers have had problems with this since the Microsoft update KB4103727, help cannot be called.
Do you know something about it – in the best case, of course, a solution? (where the solution to uninstall the update is out of the question).
These are, of course, two problems. First the display of .CHM help files and the second, calling help via F1 function key. It looks like both features have been disabled by updates.
Update KB4103727 has been released on May 8, 2018 for Windows 10 V1709 (see Windows 10 security updates May 8, 2018). This update fixes some security issues in Windows.
Users of Windows 10 V1803 experience the same problem with update KB4103721, under Windows 7 the update KB4103712 is seen as the cause. The description of both update packages provides a direct reference to the change: Security updates for Internet Explorer, Windows apps, Windows kernel, Microsoft graphics component, Windows storage and file systems, HTML help, and Windows Hyper-V.
Searching the web
Within this Microsoft Technet forum thread a user already outlined the problem. After installing update KB4103727 it is no longer possible to open CHM files under Windows 10 V1709. It becomes apparent that viewing the content of CHM files from a network share is no longer possible.
The background is that CHM files are HTML documents and pose a latent security risk. Microsoft therefore internally sets Internet zone bits for CHM files at network level. The files are then considered as unsafe and are no longer viewable.
A simple test helps to check, whether this is the cause: Just move the CHM file to a local folder. Right-click on it, go to Properties and make sure that the Allow button is not displayed on the General tab or, if available, click on the button. This deletes the Internet zone bit of the file. Then the CHM file should be viewable again.
In Microsoft’s Technet forum a user proposes a workaround within this thread using symbolic links.
mklink /D c:\MyHelp \\myserver\helpfiles
This allows a network link to be mirrored to a local folder, allegedly eliminating the problem.
At reddit.com is also a thread about this topic with the result, that the MaxAllowedZone and UrlAllowedList group policy entries no longer work. Within this thread I found a mention, that Microsoft support is aware of this and should fix it with the June update. A workaround looks like this:
Copy the following 3 DLLs from an unpatched computer to the System32 directory on a test system. Take possession of the DLLs and grant full access beforehand. Testing and feedback.
For 64-bit Windows, the files must also be copied to the SysWOW64 folder. Let’s see if Microsoft fixes this in June 2018.