HomeWinBuzzer NewsWindows 10 Registry Vulnerability Could Leave PCs Exposed

Windows 10 Registry Vulnerability Could Leave PCs Exposed

A new flaw in Windows Registry on Windows 10 allows low privilege access, but it is unclear which PCs are affected.

-

is the world's leading enterprise brand, delivering services across enterprise sectors. So, it is no surprise Microsoft products are the most frequently targeted by cyber threat attacks. In fact, most weeks some kind of attack is being carried out, either successfully or not. Still, it seems 2021 has been a bad year for breaches and a new vulnerability in is now affecting users.

I say this year has been a bad year because the major attacks on Microsoft products have been particularly dangerous. There were the Microsoft Exchange Server attacks, which remain a threat, and of course, the ongoing PrintNightmare exploit targeting Windows Print Spooler. The latest exploit could have the potential to be as dangerous as both those attacks.

As reported by BleepingComputer, a vulnerability in the Windows Registry allows access even to users with low-level privileges.

If you are unfamiliar with Windows Registry, it provides the underpinning of the Windows 10 platform. Just about every piece of information is available there, including app configurations, Windows security details for services, passwords, and more.

To access the registry, users need to have elevated privileges, which usually means local access/administrator or admin on a system.

Vulnerability

However, it seems this is not actually the case. The report points out someone could use Windows shadow volume copies to access the Windows Registry, even without that elevated privilege access. At the core of the situation, this means a hacker could leverage this flaw to gain access to a Windows machine.

One interesting aspect of this vulnerability is it does not seem to be consistently present. It has been found on Windows 10 20H2 that are fully patched. However, it is not visible on Windows 20H2 builds that have been clean installed. Still, there is currently no way to know if this is exclusive to builds that have been upgraded.

We will need Microsoft to step in an confirm this vulnerability to understand how it affects the platform.

Tip of the day: Hard drives are getting faster and more affordable every day, but unfortunately, their moving parts will always make them loud and mean their power draw isn't insignificant. This can be a particular issue for those with laptops, leading many to wonder how to turn off a hard disk after it reaches an idle state. In our tutorial we are showing you Windows 10: How to Turn off Hard Disk after Idle to Save Power .

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News

Mastodon