An attacker or a rogue employee can create custom control panel items and use these files to bypass the Windows AppLocker security feature. The latest of these was disclosed last Friday by Francesco Mifsud, a researcher at Context Information Security. CPL files, which are modified DLLs that load Control Panel items, can be used to launch malicious commands. The attack is possible because both “reg” and “regedit” are Microsoft-signed binaries.

