The Authenticated Users group should only have Read share-level permission for the SYSVOL share.
Even though the underlying NTFS permissions on the %SystemRoot%\Sysvol\Sysvol folder DO NOT allow an Authenticated Users to write or change anything, if the ACL was accidentally changed, members of the Authenticated Users could have write or Full Control permissions on the SYSVOL folders and files.
To correct this problem:
1. Use Windows Explorer, or My Computer, to browse to %SystemRoot%\Sysvol\Sysvol.
2. Right-click the folder and press Sharing and Security.
3. Press Permissions.
4. Select Authenticated Users.
5. Clear the Full Control and Change boxes in the Allow column.
6. Press OK and OK.