X
Tech
Home Tech Services & Software Operating Systems Windows

UPDATE: Thoughts on that XP SP2 reg hack that allows for .LNK patching

The other day Sean Sullivan, a security adviser advisor at antivirus vendor F-Secure published a registry hack that allows XP SP2 users to install the patch for the .LNK vulnerability on their systems. I've been asked what I think about this. Here are my thoughts.
Written by Adrian Kingsley-Hughes, Senior Contributing Editor

The other day Sean Sullivan, a security adviser advisor at antivirus vendor F-Secure published a registry hack that allows XP SP2 users to install the patch for the .LNK vulnerability on their systems. I've been asked what I think about this. Here are my thoughts.

The situation is that the .LNK patch issued by Microsoft won't install on anything below XP SP3. However, some users cannot, for one reason or another, upgrade to SP2, so these users are left out in the cold. What Sullivan does via a registry hack is make the system believe that SP3 is installed on XP when it isn't.

It turns out that an SP2 system will think its SP3 if you edit this key: HKLM\System\CurrentControlSet\Control\Windows, and edit the DWORD value CSDVersion from 200 to 300 (and reboot).

It worked for GTA IV, so we decided to test it with KB2286198. And our test worked, WindowsXP-KB2286198-x86-ENU.exe installed on our SP2 test system once we tweaked the registry. We also tested an LNK exploit, and it did not infect the system after the patch.

Now, I have a few problems with this.

  • First, Microsoft hasn't OKed the patch for SP2. This is because XP SP2 is now not supported, but given that the patch is untested, there still might be unforeseen problems.
  • Secondly, leaving Windows XP SP2 thinking it's SP3 might cause problems later on down the line if an incompatible application or update is installed.
  • Finally, this hack is little more than a spot gap until an incompatible patch is released.

So, what should those stuck on XP SP2 do? In my opinion, One of three things:

  • Upgrade to SP3
  • Upgrade the OS
  • Stick with the workarounds for the vulnerability that Microsoft outlined in the initial knowledgebase article
  • A final possibility is to do the registry hack, install the update and then reverse the hack, changing CSDVersion back to 200 - I've tested this and it seems to work, and might mitigate any other nasty side-effects of XP believing that it's on a different service pack than is actually installed

Bottom line, if you're stuck on XP SP2, then your system is on borrowed time.

[UPDATE; It appears that there is a custom installer for Windows XP Embedded that also installs on Windows Service Pack 2 with no reg hacks needed - grab is here.]

Editorial standards
Show Comments

Related

Logitech Mevo Core Streaming camera on a tripod on set

I fly 10 times a year. These 5 tech gadgets are lifesavers

Samsung Galaxy A35 5G home screen on a wooden bench.

Forget the Pixel 8a. This $399 Samsung phone is a force to be reckoned with

Placeholder product image alt text

The best AI image generators to try right now