2017-11-24

[BUG] Windows 10 default user profile oddity - Free folders for everyone

Remember my post from July 2017 about how the default user profile under Windows 10 was writeable by any user (no admin rights required) if you had 1607 installed at any point in time?
 
Well, here we are again with a new oddity.
 

Microsoft did fix some of the folder permissions of the default user profile, especially those of the „Startup“ folder to avoid people placing malicious files there that would get executed every time a new user logs onto such a machine. But apparently they introduced a new … „feature“.
 
If, for example, you navigate to „C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu“ as any user and try to create a new folder there Windows will actually create _four_ new folders instead.
 


Systems that were installed with 1703 and 1709 do not seem to be affected by this issue. Those require elevated rights anyway. And neither are systems that are still running 1607. But every system I have tested so far that had 1607 installed at any point in time and has been upgraded to either 1703 or 1709 is showing the same issue in various subfolders of the default user profile.
 

No comments: