Incidents.org has an update on yesterdays story of very long registry entries not being visible in most registry tools (regedit among others.) They have an updated list of what does and does not read these long keys. They’ve alluded to nasties in the wild that are already taking advantage of this and have confirmed that the length is greater than 254 characters. On handler has written a program to scan the registry for these stealth entries
Tag: Sysinternals Autoruns
-
Nasty regedit bug
This is unusual, but it sounds like there is a bug in regedit (and regedit32) which prevents the displaying of unusually long registry keys. Now, that sounds innocent enough, it also prevents the viewing of keys entered under them. Again, ok not a crisis. Imagine if you had an extremely long registry key entered in the ….software/microsoft/windows/currentversion/run area? Annoying maybe? Ok, what if it were put there by malware? Oooooooh… that would be bad….