HKML\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs
What is the purpose of the KnownDLLs?(To load some Dlls faster?)
If I have a admin's token, I can control the registry values.
Isn't there any security hole?
Why did Microsoft support the feature?
This allows the normal DLL search path to be ignored, and load the specified version.
Whilst not a security hole per se (as you already need to be have admin rights to change the value), it would be possible to redirect calls to go via a rogue DLL.
It was a feature added to improve performance, as there is no need to scan several potentially large directories to find the DLL.