Microsoft's recent patch has caused a number of issues with write permissions and ownership on the OS. It the latest round of updates Microsoft (MS) rightly hardened the access permissions for the OS and added security features for MS Defender. These features added a second range of options that allows greater control and protections against exploits and vulnerabilities. in addition, MS Remote desktop has been hardened with the Defender controls to prevent execution of many OS management features, a blessing for the untrained, and a nightmare for the IT professional who had not yet understood the changes and was locked out of all system controls resulting in a manual visit to the data center to add appropriate exclusions.
However, an unintended consequence is that some authorized software is now, no longer allowed to access their own files, including some MS applications. In testing we found as follows:
- Changes to MS desktop files was reverted on reboot
- PRTG cannot be updated or uninstalled as it reverts on reboot even on the latest PRTG patch
- Manual registry edits and folder deletions, while showing at the time, revert on reboot from MS backup
- Installation of driver updates from the manufacturer are reverted on reboot
- Windows update breaks on some machines and cannot be fixed
These are just some of the issues encountered, and it appears random per machine and user. While the computer remains active, the saves hold, but revert on restart, suggesting that the cache is not updating, but this is not so as they save at time of execution, but revert from cache.
Tests have been done on 20H2, and prior, and each user reported different but similar issues that appear to be random depending on what's being done. Some report that their Icons fail, others games wont update or install. Others uninstall is refused, while other still have defender execution refusals based on "your organization has denied the chosen action" despite you being the administrator and having no way to change it as there is no explanation of where the authority lies.
Currently we are testing the 21H2 update set to launch in October for everyone to see if the problem resolves. We will update this post when testing is complete. If you are experiencing issues, you may want to execute the update patch now and see if the problems resolve.
Update 23 September 2021 The patch release for 21H2 resolves most problems; however, if computers are running services exposed to the internet, some reinstall of applications is needed to resolve tensions. As patches are completed problems are slowly resolving, so make sure you update your software as soon as the patches are available.