Microsoft notified its users that removing from accounts permissions security identifiers (SID) those with complicated and uncomprehensive names that lead to errors in work of OS and applications.
Starting from Windows 2012 and Windows 8, Microsoft presented a new type of identifiers – capability SID that allocate Windows component or UWP application access to certain resource on computer (file, folder and even device).In the access list, capability SID names are reflected not as simple for remembering and recognition names as TrustedInstaller или System, but as complicated sets of symbols.
According to Microsoft, in Windows 10 (version 1809) are used more than 300 SID identifiers.
Microsoft published a bulletin, where asks not to delete identifiers with “strange” names, if they were discovered.
“DO NOT DELETE capability SIDS from either the Registry or file system permissions. Removing a capability SID from file system permissions or registry permissions may cause a feature or application to function incorrectly”, — warns Microsoft.
Firstly, necessary checking if it is not capability SID, as its deletion can cause errors in Windows work or application, to which this SID allocates access to resources.
«After you remove a capability SID, you cannot use the UI to add it back», – reported in the bulletin.
Issue affects Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2 and Windows Server 2012.
Microsoft also gives an instruction how to check if identifier is capability SID:
Select Start > Run, and then enter regedt32.exe.
Navigate to the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities.
Copy the value data and paste it into a text file (or a similar location where you can search the data).
Source: https://support.microsoft.com
