Guest smith Posted November 14, 2007 Posted November 14, 2007 http://www.pcworld.com/article/id,139598- c,windowsbugs/article.html described a patch in the 11/13/2007 Windows udpate that fixed a "URI problem" described as critical. The article said the bug did not affect Win 2000. Does anyone know if the explosure affects Win 98?
Guest philo Posted November 14, 2007 Posted November 14, 2007 Re: Is 98 Affected by the URI Problem Fix in 11/13 Update? "smith" <smith@nospam.com> wrote in message news:uTgk0amJIHA.2064@TK2MSFTNGP06.phx.gbl... > http://www.pcworld.com/article/id,139598- > c,windowsbugs/article.html > > described a patch in the 11/13/2007 Windows udpate that fixed a > "URI problem" described as critical. > > The article said the bug did not affect Win 2000. > > Does anyone know if the explosure affects Win 98? Although Win98 is probably not affected... it's a moot point as Microsoft is writing no more updates for Win98 anyway
Guest 98 Guy Posted November 14, 2007 Posted November 14, 2007 Re: Is 98 Affected by the URI Problem Fix in 11/13 Update? smith wrote: > Does anyone know if the explosure affects Win 98? http://www.microsoft.com/technet/security/bulletin/MS07-061.mspx Note the following: "Microsoft has not identified a way to exploit this vulnerability on any Windows operating system that is running Internet Explorer 6" Which explains why Win-2000 is not listed as vulnerable. So I guess the vulnerability lies in IE7 files. Strange that Vista is not affected, but XP is. Do they each use a different set of IE7 files?
Guest Dan Posted November 15, 2007 Posted November 15, 2007 Re: Is 98 Affected by the URI Problem Fix in 11/13 Update? Internet Explorer 7 in Vista has 256 bit encryption compared to 128 bit encryption in XP. In addition, IE 7 in Vista has a protected mode that XP does not have. I would conclude that the 2 versions must have some files that are different since Vista IE 7 offers features that are not available in XP IE 7.
Guest glee Posted November 16, 2007 Posted November 16, 2007 Re: Is 98 Affected by the URI Problem Fix in 11/13 Update? http://www.microsoft.com/technet/security/bulletin/MS07-061.mspx Although "Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7....(snip).....the vulnerability exists in a Windows file, Shell32.dll...." so the real questions are whether a way to exploit the vulnerability on systems with IE6 could eventually be discovered; and whether the Shell32.dll file in Win98 has the vulnerability. Since Win98/98SE is no longer supported, Microsoft will not be doing any testing of this, let alone releasing an update even if a vulnerability was recognised. It would be up to third parties to research and test it. At the very least I would look for alternate browsers for Win98 (Opera, Firefox) to minimize the possibility of attacks via holes in Internet Explorer on that platform. -- Glen Ventura, MS MVP Shell/User, A+ "smith" <smith@nospam.com> wrote in message news:uTgk0amJIHA.2064@TK2MSFTNGP06.phx.gbl... > http://www.pcworld.com/article/id,139598- > c,windowsbugs/article.html > > described a patch in the 11/13/2007 Windows udpate that fixed a > "URI problem" described as critical. > > The article said the bug did not affect Win 2000. > > Does anyone know if the explosure affects Win 98?
Recommended Posts