General discussion

Locked

The registry Flaw

By ediaz ·
When I started to investigate the registry vulnerability posted on August on Secunia, I didn't suspect how dangerous this flaw is.

I posted my experiments on my blog: <a href="http://www.darksideprogramming.org/archives/2005/10/the_registry_fl.html">The Registry Flaw</a> and discussed it on CodeProject
and thanks to the discussion thread we found the problem is more serious.

With this flaw, is possible to hide keys on the registry, invisibles to Microsoft Tools like RegEdit, and to the Microsoft .Net Library.
So if you are a virus writer, you can hide your keys in Windows\...\Run, so your malware is executed at startup.
In we discovered that the .Net runtime hides the bug, and in windows XP SP2 is more easy to hide keys on the registry: <a href="http://www.darksideprogramming.org/archives/2005/10/hidding_a_flaw.html">Hidding a Flaw</a>

This conversation is currently closed to new comments.

0 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Back to Malware Forum
0 total posts (Page 1 of 1)  

Related Discussions

Related Forums