Registry Permissions Could Expose Cryptographic Keys
Reported April 12, 2000 by Sergio Tabanelli
According to Microsoft"s report, loose permissions on the following registry key could allow a user to compromise the cryptographic keys of others users that might use the same system:
The key is designed to point to a DLL-based driver for a hardware-based encryption accellerator. Such a DLL has access to crypto keys stored on the NT machine, and thus, a Trojan DLL could be developed that could gain access to the crypto keys. Because the registry key has loose security permissions, any user that can logon interactively could define the registry key to point to a Trojan DLL.
Discovered and reported by Sergio Tabanelli