Registry Provider Security Considerations

Caution should be taken when implementing any solution that takes advantage of the Registry Provider. The standard disclaimer applies: Serious problems might occur if you modify the registry incorrectly. Improper use of this provider could result in denial of service, extended service downtime, information disclosure, or loss of data. Here are a few guidelines that developers and operations staff should consider:

Note about HMC use of the Registry Provider: HMC use of the registry provider particularly for write operations is purposely restricted to keys under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning.

For more general content about input sources and effective data validation for MPS, see Input Validation and Protection against Injection Attacks.