LNK Exploit Protection for Windows 2000, XP RTM, SP1 and SP2

As expected, Microsoft isn’t offering their MS10-046 patch for the critical Windows Shell shortcut vulnerability to users of Windows 2000, XP RTM, SP1 and SP2.

Yet our Hitman Pro usage statistics show that Windows XP SP2 is still heavily used:

Windows XP SP2 14.45%
Windows XP SP1 0,44%
Windows XP RTM 0,32%
Windows 2000 0,36%

We think that 14,45% is quite a significant number of users that are left out in the cold by the software giant.

Build 109

In Hitman Pro 3.5.6 build 109 we introduced a universal detection method for the shortcut vulnerability. We could not simply rely on checking the version number of shell32.dll as there are simply too many different versions. To complicate things, 64-bit Windows also have WoW64 versions of shell32.dll.

The universal detection method works by trying to trigger the actual exploit. This ensures that the LNK Exploit Protection is not offered to users that either installed MS10-046 or custom patched their shell32.dll. (Note: The custom patch seems to work on some specifc versions of shell32.dll only).

We recommend Windows XP pre-SP3 users to upgrade to SP3 for best protection against the exploit. But if you are stuck with Windows 2000 or you are unable to upgrade to XP SP3 then you can use Hitman Pro LNK Exploit Protection to protect your computer from malware that is currently exploiting the critical shortcut vulnerability.

Comments are closed.

%d bloggers like this: