[RULE REQUEST] Check for the import of outdated (end-of-life) Visual C++ redistributable DLLs

[gitpushmain]

Would it make sense to add a rule to BinSkim to check for the import of outdated (end-of-life or end-of-support) DLLs?
Currently I am doing this with a Python script. Specifically, I am looking for the MajorLinkerVersion and the MinorLinkerVersion of a PE binary file and the imported Visual C++ Redistributable DLLs (https://learn.microsoft.com/en-us/cpp/windows/determining-which-dlls-to-redistribute?view=msvc-170).

With that information I can detect if an outdated Redistributable version is used. For example, if a binary file with the linker version 11.0 is importing a redistributable DLL (e.g., MSVCR110.dll), this redistributable (Visual Studio version) reached end-of-support, as can be seen here: https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170. So currently I based my detection on the linker version (< 12.0) and whether it is importing any redistributable DLL.

Using outdated versions poses a security risk, as it is not updated anymore, and security vulnerabilities won't be fixed. Therefore, I think it could make sense to have a rule to check files, if they are importing/requiring end-of-support DLLs, that could contain vulnerabilities.

I did not fill out the rule template yet, as I just wanted to know and discuss what you think about this proposal in general.

---

Rule Proposal: [Friendly Rule Name]

Rule metadata

• Id:
• Name:

Rule descriptions

• Short:
• Full:

Platform & applicability

• Platform:
• Applicable to:
• Not applicable to:

User-facing strings

• Fail:
• Pass:
• [Other]:

Links/Additional Information

Implementation Notes

How to resolve