Malware may hide behind long names in Windows registry
InfoWorld | at | by Mike
Security experts have found a vulnerability in the Windows operating system that could allow malware to lurk undetected in long string names of the Windows Registry.
According to a security advisory by Denmark-based IT security company Secunia, the weakness is caused by an error in the Windows Registry Editor Utility's handling of long string names. A malicious program could hide itself in a registry key by creating a string with a long name, which would allow the malicious string and any created after it in the same key to remain hidden, according to Secunia. Keys are stored in the Windows Registry, which saves a PC's configuration settings.