https://doublepulsar.com/hivenightmare-aka-serioussam-anybody-can-read-the-registry-in-windows-10-7a871c465fa5

 
Sign in
 
DoublePulsar

  * Cybersecurity News
  * Ransomware Threats
  * Threat Honeypots
  * Contact
  * Newsletter

#HiveNightmare aka #SeriousSAM -- anybody can read the registry in
Windows 10

Kevin Beaumont
Kevin Beaumont
Follow
Jul 20 * 4 min read
 

This is the story of how all non-admin users can read the registry --
and so elevate privileges and access sensitive credential information
-- on various flavours of Windows 10. It appears this vulnerability
has existed for years, and nobody noticed. In this post I made an
exploit to test it.

[1]
Press F to pay respects to MSRC (it's not their fault)