Microsoft recommended users not delete from security permissions unknown and complicated words

Microsoft notified its users that removing from accounts permissions security identifiers (SID) those with complicated and uncomprehensive names that lead to errors in work of OS and applications.

Starting from Windows 2012 and Windows 8, Microsoft presented a new type of identifiers – capability SID that allocate Windows component or UWP application access to certain resource on computer (file, folder and even device).

In the access list, capability SID names are reflected not as simple for remembering and recognition names as TrustedInstaller или System, but as complicated sets of symbols.

Permissions for Classes screenshot
Permissions for Classes screenshot

According to Microsoft, in Windows 10 (version 1809) are used more than 300 SID identifiers.

Microsoft published a bulletin, where asks not to delete identifiers with “strange” names, if they were discovered.

“DO NOT DELETE capability SIDS from either the Registry or file system permissions. Removing a capability SID from file system permissions or registry permissions may cause a feature or application to function incorrectly”, — warns Microsoft.

Firstly, necessary checking if it is not capability SID, as its deletion can cause errors in Windows work or application, to which this SID allocates access to resources.

«After you remove a capability SID, you cannot use the UI to add it back», – reported in the bulletin.

Issue affects Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2 and Windows Server 2012.

Microsoft also gives an instruction how to check if identifier is capability SID:

To get a list of all of the capability SIDs that Windows has a record of, follow these steps:

Select Start > Run, and then enter regedt32.exe.
Navigate to the following registry entry:
Copy the value data and paste it into a text file (or a similar location where you can search the data).


Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button