oval_developer@lists.cisecurity.org

A list for people interested in developing the OVAL language.


How does an SCAP Scanning Tool Handle update related to HKEY_CURRENT_USER_LOCAL_SETTINGS

Wilson, Bryan L CIV USN SPAWARSYSCEN LANT SC (US)
Thu, Dec 6, 2018 6:15 PM

https://protect-us.mimecast.com/s/suRcCNkKVQtx9AOtme6TR?domain=github.com

This ticket notes that HKEY_CURRENT_USER_LOCAL_SETTINGS needs to be added to the list of "hives" that can be assigned in appropriate Windows registry tests. We are having problems determining exactly what subset of data that represents. Trying to access HKEY_CURRENT_USER_LOCAL_SETTINGS directly by using this as a hive doesn't return information; furthermore, it is not displayed in regedt.exe. It is documented as a subset of HKEY_CURRENT_CONFIG without roaming profile information. That doesn't help define exactly how to attain the data.

The following reference: https://protect-us.mimecast.com/s/6nwDCOYXWVUXwJ7tv7xxg?domain=docs.microsoft.com documents what HKEY_CURRENT_USER_LOCAL_SETTINGS is, but it doesn't really help to know where that data is or how it is attained. This is in contrast to HKEY_CURRENT_CONFIG, which documents how to attain that data.

Any help will be greatly appreciated.

Bryan Wilson

SPAWAR

David Solin
Thu, Dec 6, 2018 7:03 PM

Hi Bryan,

It corresponds to a value of 0x80000007 passed as the HKEY value to, e.g., RegOpenKeyEx.

Best regards,
—David Solin

On Dec 6, 2018, at 12:15 PM, Wilson, Bryan L CIV USN SPAWARSYSCEN LANT SC (US) via OVAL_Developer oval_developer@lists.cisecurity.org wrote:

https://protect-us.mimecast.com/s/SYsDCmZ0KltY6V5hB6E-z?domain=github.com https://protect-us.mimecast.com/s/4vHoCkRjG9i04Dnu2I6HW?domain=github.com

This ticket notes that HKEY_CURRENT_USER_LOCAL_SETTINGS needs to be added to the list of "hives" that can be assigned in appropriate Windows registry tests. We are having problems determining exactly what subset of data that represents. Trying to access HKEY_CURRENT_USER_LOCAL_SETTINGS directly by using this as a hive doesn't return information; furthermore, it is not displayed in regedt.exe. It is documented as a subset of HKEY_CURRENT_CONFIG without roaming profile information. That doesn't help define exactly how to attain the data.

The following reference: https://protect-us.mimecast.com/s/RTYOCn5mLntLx4GUZ48i2?domain=docs.microsoft.com https://protect-us.mimecast.com/s/-aWSClYkJjUKkWoT9hBd6?domain=docs.microsoft.com documents what HKEY_CURRENT_USER_LOCAL_SETTINGS is, but it doesn't really help to know where that data is or how it is attained. This is in contrast to HKEY_CURRENT_CONFIG, which documents how to attain that data.

Any help will be greatly appreciated.

Bryan Wilson
SPAWAR


OVAL_Developer mailing list
OVAL_Developer@lists.cisecurity.org
http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org

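The reply's point, as an added example (not code from the thread or from any OVAL interpreter): a scanner resolves the hive name in a registry object to its predefined handle value and passes that as the HKEY to RegOpenKeyEx. The function names, the subkey and the value name are hypothetical; the registry calls are compiled only on Windows, and an unknown hive name is rejected rather than defaulted.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif
/* Hive name -> predefined handle value; 0x80000007 is the value given in the reply. */
static const struct { const char *name; uint32_t id; } HIVES[] = {
    { "HKEY_CLASSES_ROOT",   0x80000000u }, { "HKEY_CURRENT_USER",   0x80000001u },
    { "HKEY_LOCAL_MACHINE",  0x80000002u }, { "HKEY_USERS",          0x80000003u },
    { "HKEY_CURRENT_CONFIG", 0x80000005u },
    { "HKEY_CURRENT_USER_LOCAL_SETTINGS", 0x80000007u },
};
/* Returns 0 for a hive name the scanner does not know. */
uint32_t hive_to_predefined(const char *name)
{
    for (size_t i = 0; i < sizeof HIVES / sizeof HIVES[0]; i++)
        if (strcmp(HIVES[i].name, name) == 0)
            return HIVES[i].id;
    return 0;
}
/* Reads a REG_SZ value. Returns 0 on success, a Win32 error code on failure,
   -1 for an unknown hive, -2 when built on a non-Windows host. */
long read_string_value(const char *hive, const char *subkey, const char *value,
                       char *out, unsigned long out_len)
{
    uint32_t id = hive_to_predefined(hive);
    if (id == 0) return -1;
#ifdef _WIN32
    HKEY root = (HKEY)(ULONG_PTR)((LONG)id);  /* same cast as the SDK's HKEY_* macros */
    HKEY key;
    LONG rc = RegOpenKeyExA(root, subkey, 0, KEY_READ, &key);
    if (rc != ERROR_SUCCESS) return rc;
    DWORD len = (DWORD)out_len;
    /* RegGetValue with RRF_RT_REG_SZ rejects other types and NUL-terminates. */
    rc = RegGetValueA(key, NULL, value, RRF_RT_REG_SZ, NULL, out, &len);
    RegCloseKey(key);
    return rc;
#else
    (void)subkey; (void)value; (void)out; (void)out_len;
    return -2;
#endif
}
int main(void)
{
    char buf[256] = "";
    /* Subkey and value name are constructed placeholders. */
    long rc = read_string_value("HKEY_CURRENT_USER_LOCAL_SETTINGS",
                                "Software\\ExampleVendor", "ExampleValue", buf, sizeof buf);
    printf("rc=%ld value=%s\n", rc, buf);
    return 0;
}
```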