indicatorregistry_key
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnforceUIPI
- First seen
- 2026-05-13
- Last seen
- 2026-05-13
- Sightings
- 1
Posts referencing this indicator
- A Deep Dive into the GetProcessHandleFromHwnd API
Registry value that, when set to 0, disables UIPI and enables the attack on newer Windows systems.