RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1308634 - After installing spice-usbdk-win Win7 doesn't recognize any USB device
Summary: After installing spice-usbdk-win Win7 doesn't recognize any USB device
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: spice-usbdk-win
Version: ---
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Default Assignee for SPICE Bugs
QA Contact: SPICE QE bug list
URL:
Whiteboard:
: 1425816 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-02-15 16:29 UTC by Andrei Stepanov
Modified: 2019-10-10 14:09 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: Release Note
Doc Text:
To prevent connection failure with local USB devices on a Windows 7 client machine, update the Windows machine with Microsoft Security Update KB3033929 before installing the USB Development Kit Driver (spice-usbdk-win). Failure to apply this update before installing the spice-usbdk-win driver otherwise results in USB connection loss and an error reporting an unsigned driver. See https://technet.microsoft.com/en-us/library/security/3033929 for more information on this security update.
Clone Of:
Environment:
Last Closed: 2016-02-16 19:30:29 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Warning spice-usbdk-win-1.0-12 driver is not signed. Nevertherless, spice-usbdk-win 1.0-10 didn't show such warning. (1.17 MB, image/jpeg)
2016-02-15 16:29 UTC, Andrei Stepanov 		no flags Details
View All

Description Andrei Stepanov 2016-02-15 16:29:51 UTC 
Created attachment 1127334 [details]
Warning spice-usbdk-win-1.0-12 driver is not signed.     Nevertherless, spice-usbdk-win 1.0-10 didn't show such warning.

Client loses connection with all local USB devices after installing spice-usbdk-win.

Client - is Windows 7 64 SP1 installed on bare-metal machine.

rpm -qf /usr/share/spice/usbdk-x64.msi
rhevm-spice-client-x64-msi-3.6-6.el6.noarch

rpm -q --changelog rhevm-spice-client-x64-msi | head -n 7
* Mon Jan 04 2016 Uri Lublin <uril> - 3.6-6
- mingw-virt-viewer 2.0.8
- mingw-spice-gtk 0.26-10
- mingw-libusbx 1.0.20-1
- spice-usbdk-win 1.0-10
- Send requests to usbdk asynchronously (rhbz#1144043)

How reproducible: Always.

Steps to Reproduce:
1. In www-browser go to home page "Red Hat Enterprise Virtualization Manager" 
2. Click at select "Downloads -> Console Client Resources"
3. Download and install "UsbDk for 64-bit Windows"
4. Reboot client.

Actual results: After reboot, keyboard/mouse/usb_flash_driver connected to client machine doesn't respond.

Hint to recovery from this state: reboot the client, at startup press F8, select "Disable Driver Signature Enforcement", uninstall UsbDK.

Also, I have tested a build: spice-usbdk-win-1.0-12. Got the same result + warning about driver is not signed. (spice-usbdk-win 1.0-10 didn't show such warning).  

Please note, that bug should be closed only as rhevm-spice-client-x64-msi RPM gets correct version of spice-usbdk-win.
Comment 1 Dmitry Fleytman 2016-02-16 08:00:52 UTC 
A short update:

I reproduced this issue on my Win7 machine. Indeed the problem is related to UsbDk driver digital signature.

I verified digital signature of UsbDk.sys, it is absolutely fine but Windows cannot verify it for an unknown reason.

Continuing the investigation...
Comment 2 Dmitry Fleytman 2016-02-16 09:15:58 UTC 
UsbDk.sys driver is signed by SHA-2 code certificate received by RedHat from Symantec.

There is a problem on Windows 7/2008R2 with SHA-2 code signing certificates. In some cases SHA-2 signed drivers fail to load on these systems while the signature is perfectly valid. Microsoft fixed this issue by security update 3033929. This update needs to be downloaded and installed in order to load such drivers.

The update may be downloaded from https://technet.microsoft.com/en-us/library/security/3033929.

Installation of this update fixed the problem I observe on my test systems.
Andrei, please verify that it fixes the problem you observe as well.

Thanks,
Dmitry
Comment 3 Andrei Stepanov 2016-02-16 10:04:03 UTC 
Security update from Microsoft helps to fix the problem.
https://technet.microsoft.com/en-us/library/security/3033929.
Dmitry, thank you.
Comment 6 Bill Sanford 2017-02-22 18:12:32 UTC 
*** Bug 1425816 has been marked as a duplicate of this bug. ***
Comment 7 Andrei Stepanov 2017-03-27 10:59:31 UTC 
Direct link to download updates is:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB3033929

This site provides easy way to find and download necessary updates for Windows.
Note You need to log in before you can comment on or make changes to this bug.