KB4577015 breaks parts of MMC

  • 29 September 2020
  • 1 reply

Userlevel 4

Looks like typical Microsoft introduced a new GPO option in the Security tab, and it breaks part of MMC. Theres a workaround that involves deleting the regkey and readding it once a hotpatch comes out. We experienced this error and caused a fair amount of confusion. Hopefully it saves one of you guys from a panic attack.



1 reply

Userlevel 7

Thanks for sharing that - it does look like an annoying bug. For anyone who is rolling out the regkey workaround that should be pretty straightforward as a worklet. Here’s an example of a worklet that modifies a regkey:

CVE-2020-1350 is a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server and is classified as a ‘wormable’ vulnerability with a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
There is a patch available today here and through Windows Update and hence Automox.
An alternative workaround for this solution is the following registry key change…




but you’d used Remove-ItemProperty instead of New-ItemProperty:











Remove-ItemProperty (Microsoft.PowerShell.Management) - PowerShell


The Remove-ItemProperty cmdlet deletes a property and its value from an item. You can use it to delete registry values and the data that they store.