Skip to main content

KB4577015 breaks parts of MMC

  • September 28, 2020
  • 1 reply
  • 53 views

Forum|alt.badge.img

Looks like typical Microsoft introduced a new GPO option in the Security tab, and it breaks part of MMC. Theres a workaround that involves deleting the regkey and readding it once a hotpatch comes out. We experienced this error and caused a fair amount of confusion. Hopefully it saves one of you guys from a panic attack.


Cheers.


https://borncity.com/win/2020/09/14/windows-server-2016-update-kb4577015-verursacht-gpo-mmc-wsecedit-dll-fehler/

1 reply

Nic-Automox
  • Former Automox Employee
  • 832 replies
  • September 29, 2020

Thanks for sharing that - it does look like an annoying bug. For anyone who is rolling out the regkey workaround that should be pretty straightforward as a worklet. Here’s an example of a worklet that modifies a regkey:
 


CVE-2020-1350 is a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server and is classified as a ‘wormable’ vulnerability with a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
There is a patch available today here and through Windows Update and hence Automox.
An alternative workaround for this solution is the following registry key change…

 

 

 


but you’d used Remove-ItemProperty instead of New-ItemProperty:

 

 

 

 

 

 

 

 


docs.microsoft.com



7b93b53c991763510cdf1d74ea8810bb3f3ca784.png

Remove-ItemProperty (Microsoft.PowerShell.Management) - PowerShell

 

The Remove-ItemProperty cmdlet deletes a property and its value from an item. You can use it to delete registry values and the data that they store.



 

 

 

 


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings