Regsvr32 Malicious DLL

Regsvr32.exe is a command-line program used to register and unregister object linking and embedding controls. It can also be used to specifically bypass process whitelisting. Malicious activity or users may take advantage of this functionality to avoid being detected by endpoint solutions because of whitelists or false positives from Windows using regsvr32.exe for normal operations.

« Back to Glossary Index

Security news and stories right to your inbox!