---

‘New’ Windows Security Flaw Runs Apps Without Admin Rights

Taking advantage of the hole requires the use of regsvr32, a Windows command line utility for registering and unregistering DLLs and ActiveX controls in the Windows Registry. Use of the exploit is difficult to trace, as it doesn’t require administrator rights or alter the registry.