There is a Windows vulnerability that has been the target of hackers online and that is the Windows registry. This is most risky and even dangerous when your computer is connected to a network. And even worst if that network is public.
Why Microsoft would put such weakness into its operating system is such a puzzle to us. Perhaps what they have in mind is for its users to remotely control their Windows machine even when they are not physically around the device. But the same feature is being used and put to such threat by hackers online.
Good thing there is a way to prevent this vulnerability from being exploited. And that is what this article is all about. We will help you close that loophole and tighten up your Windows security a little bit. But please make sure that you will follow the instruction very carefully. We will be accessing the Windows Registry service and one wrong change in there will result in a catastrophic event. Well, not in a global scale catastrophe. We are just talking about a your-computer-area type of trouble which could involve Windows being stuck on boot or a BSOD.
Now that you are aware of some probable consequences, I think you are now ready. There is no need to rush so take your time with this manual fix. Let’s start.
Also, Make sure that your wireless router is all secure. 192.168.1.1 is the IP used by most of the routers used with Windows PC, so you can directly login at 192.168.1.1 website and change some settings which will make the network you are using more secure.
How to Disable Network Access to Windows Registry
- Before we start, we must make sure that you are using an Admin account on the computer that you want to do this solution.
- To check, go to Control Panel and then look for the User Accounts.
- From there, you should see if you are just using an Admin, standard, or guest account. What you need is the Admin Account.
- If you have access to the Admin Account, change the user profile you are currently using to Admin Account for this method to happen.
- Now, if you are in the Admin Account we can now continue.
- On your main desktop, press Windows key + R using your keyboard to launch the Run service from your Start menu.
- Type REGEDIT and press Enter key.
- Now you will see the Registry Editor window. Follow this map: HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem
- On the last line, the System key, right-click on it and choose NEW then click on DWORD (32-bit) value.
- Type in DisableRegistryTools and press Enter.
- As soon as the new key is created, double-click on it to see the Value Data.
- Type 1 as the new value and click OK.
- You may now exit the Registry Editor.
- Once you closed the Registry Editor, press the Windows key + R again to launch the Run service.
- Type again the REGEDIT and see if it opens again.
- If you see an error then we have succeeded.
Here is another way to disable the remote registry. This is just in case you cannot find the System key because there are some Windows versions that do not have this. This is similar to the first method so you will be a bit familiar with how to do this properly.
- Open the Registry Editor by pressing the Windows key + R.
- Type REGEDIT and press Enter.
- On the Registry Editor, follow this map: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesRemoteRegistry
- On the RemoteRegistry find the Start.
- Double-click on it to open.
- On the Value Data, type 4 as it is equivalent to Disable.
- Click OK. You may then close the Registry Editor.
- To test if this works, open the Registry Editor by pressing Windows key + R and press Enter key.
- Type the REGEDIT and press Enter. If it restricts you from accessing the Registry Editor then you have succeeded.
To Enable Access to Registry Editor Again
If you want to enable your access to registry again, you can do so in a very easy step. All you need to do is to double-click on the file that we created for this task. It will then bring back all your registry access rights. Just download this file and extract to use it.
This is a good way to make sure that you will not be easily hacked from an external online entity. While firewall and the private network is a good way to prevent that risk, some extra efforts such as this is always a better option.
Also, this method is not applicable to computers that are part of a network such as business and companies. This will prevent them from accessing the computer for a network-wide implementation. So keep that in mind too.
If you have queries about this article, be a friend and leave your message in the comment section. We will answer all of them as soon as we can. And if you know someone who needs to have this setup on their Windows machine, do share this with them as well. It will mean the world to us to learn that our article is helping out other people too.