Using the REG file examples a REG_SZ will be created by default so yes it would be correct.
--please don't forget to upvote
and Accept as answer
if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi All
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900
To remediate the vulnerability CVE-2013-3900 is to add the below registry values.
[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config]
"EnableCertPaddingCheck"="1"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config]
"EnableCertPaddingCheck"="1"
Using the REG file examples a REG_SZ will be created by default so yes it would be correct.
--please don't forget to upvote
and Accept as answer
if the reply is helpful--
These reg keys do not resolve this vulnerability. I am still waiting for Microsoft to provide an updated and working resolution.
On Windows servers 2016/2019 i dont see the folders Wintrust\Config in registries. do i need to create these folders and the registry value EnableCertPaddingCheck"=1
No problem with registry type DWORD.
REG ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Wintrust\Config” /v EnableCertPaddingCheck /t REG_DWORD /d 1
REG ADD “HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config” /v EnableCertPaddingCheck /t REG_DWORD /d 1
Made the .reg from the entries below. Transferred it to the user's machine and ran. Waiting for SP360 to refresh and I'll verify the fix.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] "EnableCertPaddingCheck"="1" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config] "EnableCertPaddingCheck"="1"