Thread: Does the RPC Attack affect Win 98?
View Single Post
  #5  
Old October 26th 08, 03:59 AM posted to microsoft.public.win98.gen_discussion
Dan
External Usenet User
  
Posts: 1,089
Default Does the RPC Attack affect Win 98?
I would be surprised if remote procedure call (rpc) affects Windows 98 since
that is one of the great things that I enjoy about Windows 98 is that it does
not have the ability to allow another os to easily connect to Windows 98 like
Windows XP has. In Windows XP, Microsoft can use Easy Assist in order to
remotely try and work on your system from their end. I have not seen this
procedure ever used in Windows 98.

The thing is that with less there is more in some cases especially with
their being less services in Windows 98 compared to Windows XP and this has
the affect of their being less attack vectors to compromise a user's system.
If you put an unpatched XP system on the 'Net and an unpatched 98 system on
the 'Net I would be surprised if the 98 system was compromised before the XP
system. I found this by researching with Google and it appears RPC is not a
component of Windows 98.

http://www.microsoft.com/technet/sec.../MS04-012.mspx

Sometimes, it seems you go backwards with progress because RPC according to
this Microsoft bulletin does not affect Windows NT or Windows 98 but
certainly affects Windows 2000, Windows XP and Windows Server 2003. Long
Live Windows 98.

"smith" wrote:

Does the RPC attack affect Win 98?


M$ Security Bulletin:
http://www.microsoft.com/technet/sec.../MS08-067.mspx


The Bulletin states:

Customers who require custom support for older releases must
contact their Microsoft account team representative, their
Technical Account Manager, or the appropriate Microsoft partner
representative for custom support options

Does this mean M$ is still supporting 98 for people with
custom contracts?

The bulletin also states in the FAQs"

What systems are primarily at risk from the vulnerability?

While all workstations and servers are at risk regarding this
issue, systems running Microsoft Windows 2000, Windows XP, or
Windows Server 2003 are primarily at risk due to the unique
characteristics of the vulnerability and affected code path.

Does Win 98 share these "unique characteristics?"

What is the difference between "all workstations and servers"
being at risk but just some being "primarily" at risk because of
"unique characteristics."

Normally I do not log on and have the browser available, i.e., I
can't look at other systems on my local network. Does that leave
me safe?