What worries me is the thinking process behind "Hey, we'll just check if it's a remote file by looking for an initial character string in the filename".
That's a worrying, and dangerous, view of the thinking of whoever was responsible for fixing it. That's not how you patch a major worldwide security problem, not even on an emergency rapid scale.
I bet someone's testing NTFS remote symbolic links as we speak.