Short Bytes: This Windows security flaw lets you run any app on Windows without admin rights and is neither traceable by the AppLocker feature. This Windows flaw was first discovered by Casey Smith last week. According to his findings, any app can be run on Windows without any admin rights by telling Regsvr32 to point to a remotely hosted file.
The vulnerability was discovered last week by Colorado-based Casey Smith, who blogged about his findings and published proof-of-concept scripts to demonstrate it on GitHub.
According to Casey Smith, if you tell Regsvr32 to point to a remotely hosted file (such as a script), you can run any app you want on that system. And this is what hackers and virus writers are looking for.
Also Read: 9 Out Of 10 Windows Security Flaws Could Be Avoided By Just Removing Admin Rights
Another advantage with this security flaw is that it’s stealthy as it doesn’t require administrator access. Until now, there isn’t a known patch for the flaw yet.
If you want to stop this flaw to take over your system, You can tell Windows Firewall to block Regsvr32, which prevents it from accessing online files. However, if you want to protect a bunch of the PCs this is not a good alternative.
Let’s see what Microsoft has to say about this.