By Sergiu Gatlan September 23, 2022 07:28 AM
Microsoft has acknowledged a known issue where copying files/shortcuts using Group Policy Preferences on Windows client devices might not work as expected after installing recent Windows cumulative updates released during this month’s Patch Tuesday.
On affected systems, files or shortcuts will not copy to the target drives or end up as zero-byte files when using Group Policy file operations.
“File copies using Group Policy Preferences might fail or might create empty shortcuts or files using 0 (zero) bytes,” Microsoft explained.
“Known affected Group Policy Objects are related to files and shortcuts in User Configuration -> Preferences -> Windows Settings in Group Policy Editor.”
The list of affected platforms includes client (from Windows 8.1 up to Windows 11 22H2) and server releases (from Windows Server 2008 SP2 and up to Windows Server 2022).
Microsoft acknowledged the issue following a stream of Windows admin reports across multiple social networks and on Microsoft’s online community regarding issues with Group Policy settings after deploying September 2022 Patch Tuesday updates.
At the time, some of the affected admins suggested a radical fix requiring manually uninstalling and hiding the offending cumulative updates. Unfortunately, this would also remove all fixes for recently patched security vulnerabilities.
However, multiple admins have also reported that un-checking the “Run in user security context” option on the affected GPOs will help address the file copying and shortcut creation problems.
Official workarounds are also available
Microsoft confirmed the last workaround shared by impacted customers before the issue was acknowledged, together with a couple of additional ways to mitigate the issue (any one of them is enough for mitigation) :
Uncheck the “Run in logged-on user’s security context (user policy option).” Note: This might not mitigate the issue for items using a wildcard (*).
Within the affected Group Policy, change “Action” from “Replace” to “Update.”
If a wildcard (*) is used in the location or destination, deleting the trailing “\” (backslash, without quotes) from the destination might allow the copy to be successful.
Redmond also added that its developers are working on a resolution for this known issue and will provide a fix with an upcoming update.
Article (https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workarounds-for-windows-group-policy-issues/)
Microsoft: Windows KB5017383 preview update added to WSUS by mistake
(https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-kb5017383-preview-update-added-to-wsus-by-mistake/)
Microsoft rolls out emergency fix for blocked Windows logins (https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-emergency-fix-for-blocked-windows-logins/)
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient
“Where Service and Technical Skills Count”