Does Windows 10 update KB5034763 block protocol changes (URL association)?

Windows[German]I'm going to post an issue here in the blog that I came across a few days ago. The problem is that since the February 2024 update under Windows 10, it is no longer possible to make changes to web protocols via API calls. However, this is needed in order to be able to register other applications for handling URL calls. It looks like the February 2024 update KB5034763 is the problem.


Advertising

Windows 10 Update KB5034763

Cumulative Update KB5034763 has been available for Windows 10 version 21H1-22H2 since February 13, 2024 and is intended to fix various security issues in Windows. I pointed out such a vulnerability in the article Windows vulnerability CVE-2024-21412: Attacks by the APT group Water Hydra.

The update itself was described by me in the blog post Patchday: Windows 10 Updates (February 13, 2024). There it is also mentioned that Microsoft will have fixed a problem in the Metadata for Devices section, which makes downloads from Windows Metadata and Internet Services (WMIS) over HTTPS more secure.

Problems with URL protocol handler changes

In this context, the following tweet from Christoph Kolbicz came to my attention. Christoph has received several reports that SetUserFTA and SetDefaultBrowser  http/s associations no longer work after the latest Windows 10 updates.

The background to why this is needed: If a third-party utility wants to use the URL calls or act as the default browser, it must adjust the corresponding mappings for the URL protocols. I linked to Kobicz's blog post above.


Advertising

And that seems to have stopped working since the February 2024 patchday – according to my interpretation of the tweets above. Kolbicz writes that he cannot yet reproduce the problem himself, but that he always expected Microsoft to take this step. It looks like the Windows 10 update KB5034763 is the culprit. This update restricts registry access to the registry branch:

HKCU\SOFTWARE\Microsoft\Windows\Shell\Associations\UrlAssociations\

for the entries http and https – this even applies to the registry editor regedit. Other protocols and file types do not appear to be affected, writes Kolbicz. If you work with a standard browser and have configured it, the assignment is retained. But third-party utilities that want to change the entry will be blocked. This should be a slight disaster in non-persistent/VDI environments, writes another user. The way I've been following the tweets, the effect seems to be quite tricky – if there is a problem in this direction, it could be due to the above issue.


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in issue, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *