Forum Discussion

AngelParedero23's avatar
AngelParedero23
Copper Contributor
Apr 10, 2025
Solved

Microsoft Policy Analyzer 4.0 crashes after apply April updates

Good morning community !!

After apply security/.NET patches corresponding to April, the policy analyzer is not working anymore...

On details

See the end of this message for details on invoking 
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
Deleted because system do not permit to publish it


************** Loaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/mscorlib.dll
----------------------------------------
PolicyAnalyzer
    Assembly Version: 4.0.2004.13001
    Win32 Version: 4.0.2004.13001
    CodeBase: file:///C:/Personal/PolicyAnalyzer/PolicyAnalyzer/PolicyAnalyzer_40/PolicyAnalyzer.exe
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Configuration
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
Accessibility
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Accessibility/v4.0_4.0.0.0__b03f5f7f11d50a3a/Accessibility.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.9032.0 built by: NET481REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------

************** JIT Debugging **************
To enable just-in-time (JIT) debugging, the .config file for this
application or computer (machine.config) must have the
jitDebugging value set in the system.windows.forms section.
The application must also be compiled with debugging
enabled.

For example:

<configuration>
    <system.windows.forms jitDebugging="true" />
</configuration>

When JIT debugging is enabled, any unhandled exception
will be sent to the JIT debugger registered on the computer
rather than be handled by this dialog box.

 

It was working fine since patching apply.

I tried to uninstall patches, but the error still remains

Any clue to fix this?

 

Thank you !!

 

18 Replies

    • AngelParedero23's avatar
      AngelParedero23
      Copper Contributor

      Good morning.

      It fixed !!. Installing the CU provided by CIS, Policy Analyzer is back to work...

      Thank you and best regards. 

      • AaronMargosis_Tanium's avatar
        AaronMargosis_Tanium
        Iron Contributor

        My apologies for the bug leading to a crash rather than displaying a warning. Also my apologies for having to post the answer as a screenshot: the techcommunity platform seems to have some unnecessarily aggressive filtering that deletes comments that it shouldn't.

  • The problem is that with the April 8 2025 updates Microsoft added a new Advanced Auditing subcategory and mistakenly assigned it the same GUID that is already assigned to another subcategory. That's a bug in Windows -- those GUIDs need to be unique to configure auditing. The bug in Policy Analyzer appears to be that it assumes there are no duplicates and fails to check for them (which it had never needed to before).

     

    The new Advanced Auditing subcategory is represented in the registry key, HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Audit\SystemPolicy\LogonLogoff\AccessRights. On a US-English system, it is called "Audit Access Rights" in the "Logon/Logoff" category. In the registry it has the same GUID as "Audit Token Right Adjusted" under "Detailed Tracking."

     

    Microsoft updated the Windows Update packages on April 11 for some OSes, including Win11 23H2/24H2, Win11 LTSC 2024, WS2025, and Azure Stack HCI 22H2, so that applying WU after that date resolves the issue. (As far as I can tell, the mistake was never applied to Win10 22H2.) For many other supported OSes, including WS2022, WS2019, WS2016, Win10 LTSC 2019, Win10 LTSC 2016, fixing the issue requires finding, downloading, and installing an OS-specific out-of-band update from the Microsoft Update Catalog website. One of the outcomes of applying the fix is that the "Access Rights" subcategory and the AccessRights registry key is removed.

  • I found the source of the problem and have posted replies about it twice, and my replies keep getting disappeared.

    I'll try again...

    Posted again, and it's disappeared again already.

  • chippz's avatar
    chippz
    Copper Contributor

    Having the same issue. I'm able to run Policy Analyzer from my windows desktop, but not from windows server 2019. 

  • AngelParedero23's avatar
    AngelParedero23
    Copper Contributor

    I guess that some kind of patch or new policy analyzer version it's the solution to this issue.
    It's clear that many people is affected, or at least is not an isolate case.

     

    Thank you and best regards.

  • NateAtEW's avatar
    NateAtEW
    Copper Contributor

    Seeing the same issue here across various operating systems when they are updated; Windows Server 2019, Windows Server 2022, Windows 11 23H2. I was able to uninstall the last cumulative update on a Windows Server 2022 VM and was able to run Policy Analyzer. Hopefully this gets fixed soon.

  • AMJensen74's avatar
    AMJensen74
    Copper Contributor

    I can confim the same problem on Windows Server 2016 after Loading CIS Level 1 policies in Policy Analyzer I can't make a compare to Effective state 

     

  • localhorst's avatar
    localhorst
    Copper Contributor

    I have the same problem. Policy Analyzer still starts, but when I try “View / Compare” it ends with the error. Two days before, before I installed Windows Updates (April 2025), Policy Analyzer was still running on the system.

    Window Server 2022 21H2

  • What operating system are you seeing this happening on, and do you have any particular security baselines applied?

    [edit]

    Also, when did the error occur? Right when starting Policy Analyzer, or when trying to perform a specific operation?

    • speedbug's avatar
      speedbug
      Copper Contributor

      I have the same problem on Windows Server 2019

    • AngelParedero23's avatar
      AngelParedero23
      Copper Contributor

      Good morning Aaron.

       

      I'm executing Policy Analyzer 4.0 on a Windows 11 machine.

      This happens when I select my GPOs backup, and press on "View/Compare" button

       

      Previous to the April's windows updates, policy analyzer was working fine 

       

      Thank you

      • AaronMargosis_Tanium's avatar
        AaronMargosis_Tanium
        Iron Contributor

        I was out for a couple of days -- just now was my first opportunity to test. I updated my standalone Win11 24H2 VM with the latest WU updates and then tested Policy Analyzer a number of ways. Could not reproduce a crash. Did Microsoft fix the patch and reissue it?

Resources