If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
unpatched Critical vulnerabilities in Win 98 98SE?
In regards to 5-002 this following may put you somewhat at ease and do not
worry because usually bad people are able to use code in patches in order to exploit unpatched systems. It is unlikely that the following will be a problem until Microsoft releases fixes for it via Windows Update. First you would have to go to a bad website: In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker could also attempt to compromise a Web site to have it serve up a Web page with malicious content attempting to exploit this vulnerability. An attacker would have no way to force users to visit a Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site or a site compromised by the attacker. Second Microsoft suggests reading e-mail in plain text and blocking html code from loading which I do as a precaution Third Microsoft says this: When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited? No. Microsoft had seen examples of proof of concept code published publicly but had not received any information indicating that this vulnerability had been publicly used to attack customers when this security bulletin was originally issued. Okay next for 5-015 here is some info.: In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker could also attempt to compromise a Web site to have it display a Web page with malicious content. An attacker would have no way to force users to click on the malicious link. After they click the link, they would be prompted to perform several actions. An attack could only occur after they performed these actions. Same thing make sure you block html in e-mail and read all e-mail in plain text. I would not even suggest opening e-mail from people unknown Also, consider using 128 bit encryption or greater when starting your e-mail account In addition, considering using a browser such as Mozilla Firefox which is less likely to be attacked since it does not have Active X. Finally, do not worry because Microsoft will eventually come out with a patch and there have been no succesful documented attacks using these vulnerabilities so far. If you are really paranoid you could always switch to Linux or use an Apple computer. I hope this puts you at ease and have an awesome day. Grateful thanks to Microsoft for information provided "Vince" wrote in message ... : As near as I can tell there are at least two unpatched vulnerabilities : that MS has determined to be critical, but it appears there are no : security updates currently available. : : http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx : Are Windows 98, Windows 98 Second Edition, or Windows Millennium : Edition critically affected by any of the vulnerabilities that are : addressed in this security bulletin? : Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium : Edition are critically affected by this vulnerability. Critical : security updates for these platforms will not be available : concurrently with the other security updates provided as part of this : security bulletin. They will be made available as soon as possible : following the release. When these security updates are available, you : will be able to download them only from the Windows Update Web site. : For more information about severity ratings, visit the following Web : site. : : http://www.microsoft.com/technet/security/bulletin/ms05-015.mspx : Are Windows 98, Windows 98 Second Edition, or Windows Millennium : Edition critically affected by one or more of the vulnerabilities that : are addressed in this security bulletin? : Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium : Edition are critically affected by this vulnerability. Critical : security updates for these platforms may not be available concurrently : with the other security updates provided as part of this security : bulletin. They will be made available as soon as possible following : the release. When these security updates are available, you will be : able to download them only from the Windows Update Web site. For more : information about severity ratings, visit the following Web site. : : : Am I reading these things right? There are critical vulnerabilities : in Windows 98(SE), but no patches are available? If so, is there any : indication from Microsoft if or when they will have security updates : available via Windows Update? |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Critical Updates and Decreasing System Stability | randau | Software & Applications | 15 | January 5th 05 09:50 PM |
Critical Update loads | Gene | General | 1 | August 2nd 04 02:29 AM |
Critical Updates | Tammie | General | 3 | July 16th 04 02:41 PM |
Critical Updates Screwed Up My System. :( | Joanna | Software & Applications | 12 | June 19th 04 12:32 PM |
Some Critical MS Windows Update patches fail to install | Steve | Software & Applications | 1 | May 13th 04 05:11 PM |