Hello, trying to run the manual remedy with .\EOMT.ps1 -CVE 'CVE-2026-42897' -WhatIf option and getting this error about registry keys???, changed the server name to protect the innocent :)
Starting EOMT.ps1 version 26.05.14.1633 on abcd01
Resolved mitigation target: CVE-2026-42897 - OWA XSS - Outbound URL Rewrite adding Content-Security-Policy script-src-attr 'none' to OWA HTML responses
What if: Display Warning about CVE-2026-42897 mitigation
[1/1] Checking prerequisites on abcd01
abcd01 : Vulnerable to CVE-2026-42897 — will apply mitigation
Checking IIS URL Rewrite Module on local server
What if: Performing the operation "New drive" on target "Name: HKU Provider: Microsoft.PowerShell.Core\Registry Root: Registry::HKEY_USERS".
Get-ChildItem : Cannot find drive. A drive with the name 'HKU' does not exist.
At C:\ExchangeSe-Mitigations\EOMT.ps1:1797 char:31
+ $UninstallKeys += Get-ChildItem HKU: | Where-Object { $_. ...
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (HKU:String) [Get-ChildItem], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
Applying CVE-2026-42897 mitigation on abcd01
What if: Performing the operation "Apply CVE-2026-42897 mitigation to Default Web Site" on target "abcd01".
WhatIf: No changes were made to IIS configuration on abcd01
EOMT.ps1 complete. Review logs at C:\ExchangeSe-Mitigations\EOMT.ps1-Debug_20260515144120.txt
sorry forgot to mention, its a fully patched up to date ExchangeSE edition \ version 15.2.2562.41