Registry hack used by gamers allows security for Windows XP SP2
by Steve Ragan - Aug 10 2010, 13:34
Registry hack used by gamers allows security for Windows XP SP2. Image: Marcin Wichary/Flickr.
If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.
On Monday, F-Secure’s Sean Sullivan wrote a blog entry that explains how to use an old registry hack invented by the gaming community to install the LNK vulnerability patch on Windows XP SP2. The patch itself was denied to SP2 systems by Microsoft, as the operating system is past its support cycle.
Despite this, as Sullivan notes in his post, Microsoft still lists SP2 in the “applies to” details of the downloadable patch used by IT administrators. Yet, if administrators or users attempt to install the LNK patch on SP2, they are greeted with an error message warning them that they are using an outdated service pack release.
This is where the gaming community comes in to play. Sullivan used an old registry hack that became popular in 2008, shortly after Grand Theft Auto was released, where you can alter the Windows registry to fool it into thinking that an SP2 system is in fact an SP3 system.
Altering the DWORD value from 200 to 300 in HKLM->System->CurrentControlSet->Control->Windows, allows the LNK patch to be applied to SP2, despite the attempt to block it by Microsoft in order to get people to update.
When tested, the patch worked just fine, and prevented SP2 systems from being exploited by the vulnerability. However, while this fix works great in this instance, there is a major problem with using it, especially in an enterprise or SMB environment.
There is no support for SP2, none, and if this registry hack breaks something, there could be serious repercussions to a business, and Microsoft won’t lift a finger to help. Also, there is no way to expect all Microsoft patches to work in this fashion.
As Sullivan says, “Hacking the registry and applying updates is likely a very quick way to destabilize your system. You really should update to Service Pack 3 if at all possible. If you want to experiment, do so at your own risk.”
The F-Secure blog post is here.
Comment on this Story