Looks like typical Microsoft introduced a new GPO option in the Security tab, and it breaks part of MMC. Theres a workaround that involves deleting the regkey and readding it once a hotpatch comes out. We experienced this error and caused a fair amount of confusion. Hopefully it saves one of you guys from a panic attack.
Cheers.
Thanks for sharing that - it does look like an annoying bug. For anyone who is rolling out the regkey workaround that should be pretty straightforward as a worklet. Here’s an example of a worklet that modifies a regkey:
CVE-2020-1350 is a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server and is classified as a ‘wormable’ vulnerability with a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
There is a patch available today here and through Windows Update and hence Automox.
An alternative workaround for this solution is the following registry key change…
but you’d used Remove-ItemProperty instead of New-ItemProperty:
The Remove-ItemProperty cmdlet deletes a property and its value from an item. You can use it to delete registry values and the data that they store.
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
