Mitigation for Whitelisting Bypass using regsvr32 - "White Register"

A researcher has discovered undocumented functionality in regsvr32 that allows for arbitrary code execution even in otherwise locked-down environments.

Regsvr32, which provides core OS functionality for Windows, has an option available to load scripts from arbitrary network locations.

The researcher's description of exploitation is found here

Please note, the ...

more ...