I'm probably beating a dead horse here, but I don't see the vulnerability. There are some notes on Buffer overruns with this AND a bunch of other ActiveX dlls, but the issue had nothing to do with writing to the registry. The issue was being able to run other code.

I think this is someone who has seen the REG in the DLL name, and assumed it meant REGistry. The same as the people who saw AD in ADvpack.dll when Aureate originally raised it's ugly head, and assumed the AD meant ADvertising, and started recommending the removal of this DLL.

The following MS note talks about the Registration Wizard after the fiasco in 1999 with unique identifiers being sent back to MS.

http://www.microsoft.com/presspass/features/1999/03-08custletter2.asp
http://www.microsoft.com/presspass/features/1999/03-10qa.asp

This is also the time when this "tweak" originally surfaced, and the following page is "meant" to show the hole? (it shows nothing on my system, since it is uptodate with all security, etc patches. And I could not find the specific one the closed the "leak").

http://content.techweb.com/winmag/web/regwiz.htm

You can also confirm the purpose of this DLL by doing Start > Run > REGWIZ or REGWIZ /r.

If you have unregistered the DLL, you will get an error. If you haven't, you get the Registration Wizard.

Maybe I'm missing something, but this does not seem to be a gaping vulernabilty (or even a small one) that hackers are waiting to pounce on.