How to Safely Use the Windows Registry Editor (Regedit) in Windows 10

Microsoft is the world’s leading enterprise brand, delivering services across enterprise sectors. So, it is no surprise Microsoft products are the most frequently targeted by cyber threat attacks. In fact, most weeks some kind of attack is being carried out, either successfully or not. Still, it seems 2021 has been a bad year for breaches and a new vulnerability in Windows 10 is now affecting users.

I say this year has been a bad year because the major attacks on Microsoft products have been particularly dangerous. There were the Microsoft Exchange Server attacks, which remain a threat, and of course, the ongoing PrintNightmare exploit targeting Windows Print Spooler. The latest exploit could have the potential to be as dangerous as both those attacks.

As reported by BleepingComputer, a vulnerability in the Windows Registry allows access even to users with low-level privileges.

Advertisement

If you are unfamiliar with Windows Registry, it provides the underpinning of the Windows 10 platform. Just about every piece of information is available there, including app configurations, Windows security details for services, passwords, and more.

To access the registry, users need to have elevated privileges, which usually means local access/administrator or admin on a system.

Vulnerability

However, it seems this is not actually the case. The report points out someone could use Windows shadow volume copies to access the Windows Registry, even without that elevated privilege access. At the core of the situation, this means a hacker could leverage this flaw to gain access to a Windows machine.

One interesting aspect of this vulnerability is it does not seem to be consistently present. It has been found on Windows 10 20H2 that are fully patched. However, it is not visible on Windows 20H2 builds that have been clean installed. Still, there is currently no way to know if this is exclusive to builds that have been upgraded.

We will need Microsoft to step in an confirm this vulnerability to understand how it affects the platform.

Tip of the day: Hard drives are getting faster and more affordable every day, but unfortunately, their moving parts will always make them loud and mean their power draw isn’t insignificant. This can be a particular issue for those with laptops, leading many to wonder how to turn off a hard disk after it reaches an idle state. In our tutorial we are showing you Windows 10: How to Turn off Hard Disk after Idle to Save Power .

Advertisement