Bleeping Computer

Exploit released for new Windows Server "WinReg" NTLM Relay attack

Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the ...
Ars Technica

\PIPE\winreg Security Question

I noticed today that a user was logged into my computer from the internet and it listed \PIPE\winreg as his open "file." Needless to say, this concerned me a good deal. He's a Road Runner user (got ...
Ars Technica

controlling remote access to NT4 registry

The server I am connecting to is NT4 SP6a. I have set the ACL on HKLM\System\CurrentControlSet\Control\winreg = Administrators - Full Control and Backup Operators - Read. <P>According to the O'Reilly ...