We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hack enables updates for Windows XP SP2

Tweak disguises SP2 as SP3

People still running the now-retired Windows XP Service Pack 2 (SP2) can trick the operating system into installing security updates, according to an F-Secure security researcher.

The hack requires an edit of a single key in the Windows registry, said Sean Sullivan, a security adviser with the Helsinki, Finland-based company, who spelled out the tweak in a blog post.

"It turns out that an SP2 system will think it's [Service Pack 3] if you edit this key: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Windows,' and edit the DWORD value 'CSDVersion' from 200 to 300, [then] reboot," said Sullivan.

According to Microsoft, CSDVersion specifies the name of the most recent service pack installed on the PC.

In other words, Sullivan's hack disguises XP SP2 as SP3 when Microsoft's security updates determine whether the PC is eligible for a patch.

With the hack, Sullivan was able to force a Windows XP SP2 system to install the emergency patch Microsoft issued last week for a critical vulnerability in Windows' parsing of shortcut files.

That "out-of-band" update was officially denied to Windows XP SP2 PCs because the service pack was retired from support on July 13. By Microsoft policy, retired products no longer receive security patches.

After hacking the registry, Sullivan installed the shortcut patch - which he had downloaded directly from Microsoft's site rather than via the Windows Update patching service - and tested an exploit that has been used by attackers for several weeks to infect PCs.

"It did not infect the system after the patch," said Sullivan. "Cool."

The patch for the shortcut bug can be found on Microsoft's Download Center site.

Sullivan cautioned users that the registry hack is risky.

"Remember, this update is not officially tested or supported by Microsoft for SP2," Sullivan said. "Hacking the registry and applying updates is likely a very quick way to destabilize your system. You really should update to Service Pack 3 if at all possible."

Most users, in fact, steer clear of the registry, since as Sullivan pointed out, an editing error can cripple the computer. "Do so at your own risk," he added.

Sullivan admitted he had not come up with the registry tweak, but said he had remembered a similar hack touted by players of "Grand Theft Auto IV" a year and a half ago. A thread on the GTAForums.com site from December 2008 showed how the same hack could be used to fool the game into launching on a Windows XP SP2 system.

Microsoft has been pushing customers all year to upgrade from XP SP2 to SP3 -- or to move to the new Windows 7 instead -- and offers detailed instructions on how to get and install XP's third service pack on its site.

IDG UK Sites

How to get a free EE Power Bar: Mobile and broadband customers eligible for free smartphone charger

IDG UK Sites

Why Netflix won't terminate your account for using a VPN, probably

IDG UK Sites

Forever 21 denies pirating Adobe, Autodesk and Corel software, accuses companies of 'bullying'

IDG UK Sites

New Apple TV 2015 release date rumours: Apple's WWDC invite shows Apple TV