Microsoft won’t patch Windows registry warning problem – Naked Security

A security researcher has found a way to tinker with Windows’ core settings while persuading users to accept the changes, it emerged this week – and Microsoft has no intention of patching the issue.

The attack was discovered by John Page, who goes by the name hyp3rlinkx. It focuses on the Windows registry, which is a database of configuration settings for software programs, hardware devices, user preferences and the operating system itself.

Users can make changes to the registry using the Registry Editor program that ships with Windows, but this isn’t something that non-power users would normally do. Messing with the registry can cripple your machine or introduce security risks.

In most cases, when a Windows user really must make changes to the registry, they’ll do it by clicking on a file with a .reg extension. These files, provided by a trusted third party, alter the registry without the user having to enter anything.

This is why a dialogue box appears when opening a .reg file, asking users if they trust the source and if they want to continue. It will then offer a ‘yes’ or ‘no’ choice.

Page’s attack changes that. In a document describing the process, he explains:

…we can inject our own messages thru the filename to direct the user to wrongly click “Yes”, as the expected “Are you sure you want to continue?” dialog box message is under our control.


Please enter your comment!
Please enter your name here