MS16-072 may cause problems with respect to Group Policy. https://support.microsoft.com/en-us/kb/3163622 There are postings about it. To name a few: http://www.theinquirer.net/inquirer/news/2461827/patch-tuesday-balls-up-reveals-hidden-system-drives http://www.theregister.co.uk/2016/06/15/microsoft_fix_borks_group_policy/ https://social.technet.microsoft.co...e34/patch-tuesday-kb3159398?forum=winserverGP And more ... Maybe it would be good to read the Known Issues at MS16-072 and the Symptoms, Cause and Resolution there in case you are affected, this might solve your problems.
I'll try to give the info that MS is giving at this moment in KB 3163622, revision 4.0 . Quotes from Know Issues and further down there: MS16-072 changes the security context with which user group policies are retrieved. This by-design behavior change protects customers’ computers from a security vulnerability. Before MS16-072 is installed, user group policies were retrieved by using the user’s security context. After MS16-072 is installed, user group policies are retrieved by using the computer's security context. This issue is applicable for the following KB articles: • 3159398 MS16-072: Description of the security update for Group Policy: June 14, 2016 • 3163017 Cumulative update for Windows 10: June 14, 2016 • 3163018 Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016 • 3163016 Cumulative Update for Windows Server 2016 Technical Preview 5: June 14 2016 Symptoms All user Group Policy, including those that have been security filtered on user accounts or security groups, or both, may fail to apply on domain joined computers. Cause This issue may occur if the Group Policy Object is missing the Read permissions for the Authenticated Users group or if you are using security filtering and are missing Read permissions for the domain computers group. Resolution To resolve this issue, use the Group Policy Management Console (GPMC.MSC) and follow one of the following steps: • Add the Authenticated Users group with Read Permissions on the Group Policy Object (GPO). • If you are using security filtering, add the Domain Computers group with read permission.
would this update cause problems with cryptoprevent program and/or daily use of average user just surfing the web? thanks win764bit
As I understand it affects computer joining domains, so it shouldn't create problems with stand-alone systems?
I just applied the update and it did not cause any problems when I ran the cryptoprevent self-test. (However, I observed previously that cryptoprevent showed expired signing certificates as of May 7, 2016 and wonder if anyone else has noticed this.)
