No Fix for Critical Windows 98, Me Flaw

Status
Not open for further replies.

KSoD

Call me Mak or K, Mod Emeritus
Messages
35,644
Location
C:\
Microsoft has encountered a critical vulnerability in Windows 98, 98 SE and Windows Me that it simply cannot fix, the company acknowledged Friday. The flaw affects Windows Explorer and after investigating the issue, Microsoft said it would need to reengineer a significant amount of the operating system.

Announced as part of April's security bulletins, a remote execution vulnerability exists in Windows Explorer because of the way that it handles COM objects. A malicious Web site could force a connection to a remote file server, which in turn causes Explorer to fail and potentially execute arbitrary code.

Microsoft says an attacker could take complete control of affected operating systems in this manner. Patches correcting the flaw were issued for Windows 2000, XP and Windows Server 2003, but the vulnerability remains unpatched on Windows 9x based systems.

The Redmond company says that because it would need to re-architecture Windows Explorer in those legacy systems to better match Windows 2000, a fix just isn't feasible. According to the updated bulletin, Microsoft could not ensure that applications written for Windows 9x would continue to operate as intended after the changes.

Moreover, Microsoft has little incentive to expend the resources necessary to patch the flaw. Support for Windows 98, 98 SE and Windows Me ends on July 11, which means no more security updates will be released and no technical or public support will be provided.

>> Source: BetaNews
 
I dont see why MS or any other flaw finders always has to annouce this stuff...why not keep it under wraps till its fixed??
 
As much as I loved 98se as an operating system it probably is about time to let sleeping dogs lie (not that I'd never call 98se a /dog/ lol). Microsoft has continued to support it for several years after it's end of life support. Now with XP's customizability (is that a word :confused: ) and 100MB lite installs there's not really much reason to stick to an 8 year old OS apart from old games which run 98% flawlessly with dosbox/dfend anyway or businesses with 3GB HD's that bring new meaning to the word tight.
 
Status
Not open for further replies.
Back
Top Bottom