Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames)

["Stefan Kanthak" <stefan.kanthak () nexgo de>]

Hi @ll,

in order to prevent the start of the defunct USENET news client
(alias "Windows Mail") that Microsoft installs with Windows 7
and later versions of Windows as "Microsoft Outlook NewsReader",
the installation of all editions of Microsoft Office 2010 which
include Microsoft Outlook 2010 as well as the standalone version
of the latter create the following registry entries for the
"Microsoft Outlook NewsReader" with empty pathnames for the
icons and in the command lines:


--- DEFUNCT.REG ---
REGEDIT4

; PLEASE NOTICE THE PROPERLY QUOTED ALBEIT EMPTY PATHNAMES!

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook]
@="Microsoft Outlook"
"DLLPath"="MSIMNUI.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\news]
@="URL:News-Protokoll"
"URL Protocol"=""
"EditFlags"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\news\DefaultIcon]
@=", -3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\news\shell]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\news\shell\open]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\news\shell\open\command]
@="\"\" /outnews /newsurl:%1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\nntp]
@="URL:NNTP-Protokoll"
"URL Protocol"=""
"EditFlags"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\nntp\DefaultIcon]
@=", -3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\nntp\shell]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\nntp\shell\open]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\nntp\shell\open\command]
@="\"\" /outnews /newsurl:%1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\snews]
@="URL:Snews-Protokoll"
"URL Protocol"=""
"EditFlags"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\snews\DefaultIcon]
@=", -3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\snews\shell]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\snews\shell\open]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\Protocols\snews\shell\open\command]
@="\"\" /outnews /newsurl:%1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\shell]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\shell\open]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\News\Microsoft Outlook\shell\open\command]
@="\"\" /outnews"
--- EOF ---


JFTR: the superfluous empty unnamed (default) registry values are
      created due to a well-known bug in the tools (not only) Microsoft
      uses to build packages for the Microsoft Installer.

      See but <https://msdn.microsoft.com/en-us/library/bb165967.aspx>
      why creating an empty default registry value (not only) for the
      "open" verb is a bug:

      | When registering standard verbs, do not set the default value
      | for the Open key. The default value contains the display string
      | on the menu. The operating system supplies this string for
      | standard verbs.


regards
Stefan Kanthak


PS: Windows 7, and of course Windows 8, Windows 8.1 and Windows 10 too,
    have at least one command line with an empty but properly quoted
    pathname out-of-the-box, even before the installation of Microsoft
    Outlook 2010:

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Windows Mail\InstallInfo]
"ShowIconsCommand"=expand:"\"\""