Registry stored procedures could allow an attacker to retrieve information about the server, discover passwords, or elevate privileges. Care should be taken when removing them, however, because they are used by some Enterprise Manager features and service pack installers. Usually the best course of action is to ensure that their use is restricted to system administrators. Use of the SQL Profiler can pinpoint exactly how and when they are utilized.
In SQL Server 2000 each of these procedures also has a corresponding instance procedure: xp_instance_regaddmultistring, xp_ instance_regdeletekey, xp_ instance_regdeletevalue, xp_ instance_regenumkeys, xp_ instance_regenumvalues, xp_ instance_regread, xp_ instance_regremovemultistring, and xp_ instance_regwrite.
18.117.243.175