/build/static/layout/Breadcrumb_cap_w.png

Question about running script to update 32-bit registry vs. 64-bit registry

I have a script that will add a new key and dword to a registry to Remediate an issue with Microsoft's MS17-Jun patch, where the patch is installed but needs a registry entry to actually make it work.  According to a Nessus scan, the reg entry needs to be put in one location on a 32-bit machine, and 2 locations on a 64-bit machine.  I wrote a powershell script to take care of that:

(32/64-Bit):


# Define the registry key location
$location = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl'
# For testing I like a clear host :P
Clear-Host

# Adds that location at the top of the stack
Push-Location
Set-Location $location

# Test if the 'SpecialAccount' key already exists
if(Test-Path "$location\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX"){

  Write-Verbose 'Key already exists' -Verbose

}else{

  # If not create new key called FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
  New-Item -Path "$location" -Name 'FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX'
  # Create new DWORD in UserList
  New-ItemProperty -Path "$location\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX" -Name 'iexplore.exe' -Value '1' -PropertyType DWORD
  # Reset back to the original location
  Pop-Location


Additional 64-Bit:


# Define the registry key location
$location = 'hklm:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl'
# For testing I like a clear host :P
Clear-Host

# Adds that location at the top of the stack
Push-Location
Set-Location $location

# Test if the 'SpecialAccount' key already exists
if(Test-Path "$location\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX"){

  Write-Verbose 'Key already exists' -Verbose

}else{

  # If not create new key called FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
  New-Item -Path "$location" -Name 'FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX'
  # Create new DWORD in UserList
  New-ItemProperty -Path "$location\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX" -Name 'iexplore.exe' -Value '1' -PropertyType DWORD
  # Reset back to the original location
  Pop-Location


The problem I am having is that the script works perfectly for the 64-bit insert (second script) but does not work for the 32-bit insert.  It doesn't matter if the machine is only 32-bit and just needs the top script run.  It will not insert the registry entry.  Can anyone see why this would be the case?  Thanks for any help you can provide



0 Comments   [ + ] Show comments

Answers (1)

Posted by: anonymous_9363 4 years ago
Red Belt
1

Observations:

- your "64-bit" code is writing to the 32-bit section of the registry

- you're not logging. How anyone expects to debug scripts like this without logging escapes me!

The guiding principle of any programming should always be to assume that NOTHING will work. EVER! Creating an object? Check that the object got created before attempting to use it. Creating a text file? Check that the file exists before writing to it. Get the idea?

- Lastly and sort of critically:

32-bit PowerShell - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
64-bit PowerShell - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe


 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ