Microsoft has released new MSRC‑driven security hotfix for customers running System Center Operations Manager (SCOM) 2025 Update Rollup 1 and SCOM 2019 Update Rollup 6. These updates address a key security enhancement related to the PowerShell widget in the SCOM Web Console and are highly recommended for all environments leveraging these versions.
What’s the Purpose of This Hotfix?
The hotfix resolves the security issue described as:
“Changes to limit PowerShell widget access to Administrators only.”
SCOM’s PowerShell widget allows users to execute scripts directly via dashboard views. While powerful, it can introduce risk when used by users with insufficient permissions. This update ensures that only SCOM Administrators have access to PowerShell‑based widgets, thereby reducing the exposure of script execution capabilities in monitoring dashboards.
This security hardening is part of Microsoft’s continuous effort to strengthen Operations Manager by tightening role-based access and minimizing the potential attack surface.
Who Should Apply This Update?
If your organization is using one of the following versions, this hotfix applies to you:
- System Center Operations Manager 2025 UR1
- System Center Operations Manager 2019 UR6
Both updates ship as lightweight, targeted fixes and can be safely integrated into production environments after appropriate internal testing.
Download the Hotfix
- SCOM 2019 UR6 Hotfix:
https://support.microsoft.com/kb/5073251 - SCOM 2025 UR1 Hotfix:
https://support.microsoft.com/kb/5073079
Both pages include installation instructions, prerequisites, and details about affected components.
Why This Update Matters
Security in monitoring platforms should never be taken lightly. SCOM environments often run in mission‑critical datacenters, integrate with sensitive systems, and expose deep operational insights. Allowing non‑admin users access to PowerShell execution—even within limited dashboards—can lead to:
- Unintended automation actions
- Unauthorized script execution
- Exposure of sensitive operational data
- Potential lateral movement in compromised environments
By restricting access to administrators, the update ensures proper alignment with least privilege principles.
Recommendations for All SCOM Administrators
To maintain a secure and compliant SCOM environment:
- Review your current SCOM version and UR level.
- Apply the appropriate security hotfix as soon as possible.
- Validate dashboard functionality after the update, especially if your team uses custom PowerShell-based widgets.
- Document the change internally, particularly for regulated industries where security controls must be traceable.
If your organization maintains both SCOM 2019 and SCOM 2025 environments, make sure you apply the hotfixes to both to keep consistency in role-based access behavior.
Need Assistance?
If you need help with:
- Hotfix deployment
- SCOM environment validation
- Role-based access configuration
- Web console security reviews
- Upgrade planning for SCOM 2022 or SCOM 2025
Feel free to reach out through [email protected] or our social media accounts.
We are always happy to support organizations in maintaining secure and reliable monitoring environments.
Ali Burak Genç