This script is Copyright (C) 2000-2015 Tenable Network Security, Inc.
Local users can gain SYSTEM privileges.
Some SYSTEM registry keys can be written by non administrator.
These keys contain paths to common programs and DLLs. If a user can
change a path, then he may put a trojan program into another location
(say C:/temp) and point to it.
Use regedt32 and set the permissions of this key to :
- admin group : Full Control
- system : Full Control
- everyone : Read
Risk factor :
High / CVSS Base Score : 7.2