Users still opting the withdraw Windows XP Service Pack 2 (SP2) can ploy the OS into installing safety updates, an investigator said. The hack need an edit of a sole key in the Windows registry, said Sean Sullivan, a security adviser with Helsinki, Finland based antivirus seller F-Secure.

"It turns out that an SP2 Operating system will believe it's Service Pack 3 if you revise this registry namely 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Contr ol\Windows,' and change the DWORD value 'CSDVersion' from 200 to 300, after restarting," said Sullivan. According to Microsoft, CSD Version identifies the name of the most current service pack installed on the system.

In other words, Sullivan's hack costumes XP SP2 as SP3 when Microsoft's security updates decide whether the PC is suitable for a patch. With the hack, Sullivan was capable to compel a Windows XP SP2 PC to install the crisis patch Microsoft declared last week for a serious vulnerability in Windows' parsing of shortcut files. That "out-of-band" update was publicly deprived of to Windows XP SP2 PCs since the service pack was removed from support on July 13. According Microsoft policy, retired software’s no longer accept security patches