I faced issues using a worklet to extract information out of the 64-bit registry hive. The issue is due to Crowdstrike detecting this as malicious activity (I followed the steps here: https://support.automox.com/help/enforce-windows-registry-settings-worklet).

For those who face the same issue, you can use the sample code below to read the 64-bit registry. Make adjustments are required. The sample code below reads HKLM:\SOFTWARE\Wow6432Node\Microsoft\Office\ClickToRun\Configuration and returns the registry key called “Platform” to detect the bitness of version of Office installed.

$key = yMicrosoft.Win32.RegistryKey]::OpenBaseKey(KMicrosoft.Win32.RegistryHive]::LocalMachine, nMicrosoft.Win32.RegistryView]::Registry64)


$subKey = $key.OpenSubKey(“SOFTWARE\Microsoft\Office\ClickToRun\Configuration”)


$root = $subKey.GetValue(“Platform”)


Write-Output “Office bitness: $root”