Forum Discussion
Microsoft Policy Analyzer 4.0 crashes after apply April updates
Good morning community !!
After apply security/.NET patches corresponding to April, the policy analyzer is not working anymore...
On details
See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.************** Exception Text **************
Deleted because system do not permit to publish it
************** Loaded Assemblies **************
mscorlib
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/mscorlib.dll
----------------------------------------
PolicyAnalyzer
Assembly Version: 4.0.2004.13001
Win32 Version: 4.0.2004.13001
CodeBase: file:///C:/Personal/PolicyAnalyzer/PolicyAnalyzer/PolicyAnalyzer_40/PolicyAnalyzer.exe
----------------------------------------
System.Windows.Forms
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Drawing
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Configuration
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
Accessibility
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Accessibility/v4.0_4.0.0.0__b03f5f7f11d50a3a/Accessibility.dll
----------------------------------------
System.Core
Assembly Version: 4.0.0.0
Win32 Version: 4.8.9032.0 built by: NET481REL1
CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------************** JIT Debugging **************
To enable just-in-time (JIT) debugging, the .config file for this
application or computer (machine.config) must have the
jitDebugging value set in the system.windows.forms section.
The application must also be compiled with debugging
enabled.For example:
<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>When JIT debugging is enabled, any unhandled exception
will be sent to the JIT debugger registered on the computer
rather than be handled by this dialog box.
It was working fine since patching apply.
I tried to uninstall patches, but the error still remains
Any clue to fix this?
Thank you !!
I'll try posting it as an image instead:
18 Replies
- AaronMargosis_TaniumIron Contributor
I'll try posting it as an image instead:
- AngelParedero23Copper Contributor
Good morning.
It fixed !!. Installing the CU provided by CIS, Policy Analyzer is back to work...Thank you and best regards.
- AaronMargosis_TaniumIron Contributor
My apologies for the bug leading to a crash rather than displaying a warning. Also my apologies for having to post the answer as a screenshot: the techcommunity platform seems to have some unnecessarily aggressive filtering that deletes comments that it shouldn't.
- AaronMargosis_TaniumIron Contributor
- AaronMargosis_TaniumIron Contributor
The problem is that with the April 8 2025 updates Microsoft added a new Advanced Auditing subcategory and mistakenly assigned it the same GUID that is already assigned to another subcategory. That's a bug in Windows -- those GUIDs need to be unique to configure auditing. The bug in Policy Analyzer appears to be that it assumes there are no duplicates and fails to check for them (which it had never needed to before).
The new Advanced Auditing subcategory is represented in the registry key, HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Audit\SystemPolicy\LogonLogoff\AccessRights. On a US-English system, it is called "Audit Access Rights" in the "Logon/Logoff" category. In the registry it has the same GUID as "Audit Token Right Adjusted" under "Detailed Tracking."
Microsoft updated the Windows Update packages on April 11 for some OSes, including Win11 23H2/24H2, Win11 LTSC 2024, WS2025, and Azure Stack HCI 22H2, so that applying WU after that date resolves the issue. (As far as I can tell, the mistake was never applied to Win10 22H2.) For many other supported OSes, including WS2022, WS2019, WS2016, Win10 LTSC 2019, Win10 LTSC 2016, fixing the issue requires finding, downloading, and installing an OS-specific out-of-band update from the Microsoft Update Catalog website. One of the outcomes of applying the fix is that the "Access Rights" subcategory and the AccessRights registry key is removed.
- AaronMargosis_TaniumIron Contributor
I found the source of the problem and have posted replies about it twice, and my replies keep getting disappeared.
I'll try again...
Posted again, and it's disappeared again already.
- chippzCopper Contributor
Having the same issue. I'm able to run Policy Analyzer from my windows desktop, but not from windows server 2019.
- AngelParedero23Copper Contributor
I guess that some kind of patch or new policy analyzer version it's the solution to this issue.
It's clear that many people is affected, or at least is not an isolate case.Thank you and best regards.
- NateAtEWCopper Contributor
Seeing the same issue here across various operating systems when they are updated; Windows Server 2019, Windows Server 2022, Windows 11 23H2. I was able to uninstall the last cumulative update on a Windows Server 2022 VM and was able to run Policy Analyzer. Hopefully this gets fixed soon.
- AMJensen74Copper Contributor
I can confim the same problem on Windows Server 2016 after Loading CIS Level 1 policies in Policy Analyzer I can't make a compare to Effective state
- AaronMargosis_TaniumIron Contributor
Are these on AD-joined systems? I tested on standalone and couldn't repro, and I'm wondering whether this update might be relevant:
Microsoft: New Windows updates fix Active Directory policy issues
- localhorstCopper Contributor
I have the same problem. Policy Analyzer still starts, but when I try “View / Compare” it ends with the error. Two days before, before I installed Windows Updates (April 2025), Policy Analyzer was still running on the system.
Window Server 2022 21H2
- AaronMargosis_TaniumIron Contributor
What operating system are you seeing this happening on, and do you have any particular security baselines applied?
[edit]
Also, when did the error occur? Right when starting Policy Analyzer, or when trying to perform a specific operation?
- speedbugCopper Contributor
I have the same problem on Windows Server 2019
- AngelParedero23Copper Contributor
Good morning Aaron.
I'm executing Policy Analyzer 4.0 on a Windows 11 machine.
This happens when I select my GPOs backup, and press on "View/Compare" button
Previous to the April's windows updates, policy analyzer was working fine
Thank you
- AaronMargosis_TaniumIron Contributor
I was out for a couple of days -- just now was my first opportunity to test. I updated my standalone Win11 24H2 VM with the latest WU updates and then tested Policy Analyzer a number of ways. Could not reproduce a crash. Did Microsoft fix the patch and reissue it?