Guest dan Posted December 12, 2007 Posted December 12, 2007 Does anyone know if this is good for Win 98/IE6.5 ?
Guest PA Bear Posted December 12, 2007 Posted December 12, 2007 Re: IE gets security makeover in Patch Tuesday batch Win98 is no longer supported, effective 11Jul-06. No updates for any application running in Win98 have been released since then and no update for Win98 will be released in the future. -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE, OE, Security, Shell/User) AumHa VSOP & Admin http://aumha.net DTS-L.ORG http://66.39.69.143/ dan wrote: > Does anyone know if this is good for Win 98/IE6.5 ?
Guest 98 Guy Posted December 13, 2007 Posted December 13, 2007 Re: IE gets security makeover in Patch Tuesday batch dan wrote: > Does anyone know if this is good for Win 98/IE6.5 ? Top-poster PA Bear wrote: > Win98 is no longer supported, effective 11Jul-06. I think that dan knows that. The question is really -> are the patched vulnerabilities known to affect win-98? (come on Bear, think outside the box a little)
Guest MEB Posted December 13, 2007 Posted December 13, 2007 Re: IE gets security makeover in Patch Tuesday batch "dan" <nospam@nsm.com> wrote in message news:%23mGiW2OPIHA.1204@TK2MSFTNGP03.phx.gbl... | Does anyone know if this is good for Win 98/IE6.5 ? | | Let me take the cross road here... I haven't checked what this particular update supposedly does so I'll speak generally: Having installed some of the supposed modified updates for 9X/IE6, I can make just a few comments. Though there were some that were useful updates previously, which could be tested; the latest, from what I can find, have not really been tested against what they supposedly fix, in the 9X environment. I can also suggest, that these may actually cause issues within your 9X system [at least until someone works out the kinks] if you were to attempt a manual installation. If you want to keep using IE6, do so only when necessary if these non-updated issues cause you concern. Many of these updates make changes in the handling of ActiveX, scripting, and other; which, as you don't have the same versions and other that a supported system does [other updates have made significant modifications in the supported OSs], MAY not apply at all, or potentially, could cause problems in 9X or an application which might be designed for an older version of a replaced file, or need that ActiveX or scripting function that was disabled or blocked. The cross modifications and *installation testing* of these supposed {modified} updates [as was supposedly done when Microsoft released them for 9X, insert laugh here] is a distinctly small group of individuals, and Microsoft definitely isn't going to make a hotfix to correct any errors caused in the 9X system. Note, I'm NOT saying the modified files are worthless [just not really tested], but any issues that might pop-up are issues YOU will be fixing. So to state outright that yes they are safe, and needed, and will work without issue in YOUR particular 9X configuration, would likely be a false claim by anyone who made that statement. Many of the installation testers run highly modified systems which will never reflect what a common user might be running, and likely no one will have your exact application configuration and needs. Any non-official files are USE AT YOUR OWN RISK. Moreover, I'd think there is likely no one who can assure that these modified files do not introduce more security flaws into the 9X environment, as they are specifically designed for NT based operating systems and inter-relate to other updates for those OSs. -- MEB http://peoplescounsel.orgfree.com ________
Guest 98 Guy Posted December 13, 2007 Posted December 13, 2007 Re: IE gets security makeover in Patch Tuesday batch Since MEB did not provide any details AT ALL about what he did or what he knows regarding the recent set of patches, here is what I've found: http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx Microsoft Security Bulletin MS07-064 Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) - directX versions 7 through 10 is affected on 2K through Vista - IE not implicated - this item is related to or replaces MS05-050 - Windows 9x may benefit from this update - The file Quartz.dll seems to be the only file updated or replaced Microsoft Security Bulletin MS07-068 Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) - this item is related to, or is an addition to, MS06-078 - this item pertains to Windows Media Format Runtime versions 7.1, 9, and 9.5. Versions 6.x and 4.1 are not affected. - Win-98 may benefit from the use of win-2k versions of this patch (testing required) Microsoft Security Bulletin MS07-069 Cumulative Security Update for Internet Explorer (942615) - this seems to be an update to MS07-057 - most of MS07-069 pertains either to IE7 or 64-bit versions of XP and server 2003 - there *may* be one or two items either in MS07-069 or MS-07-057 that *might* be applicable to win-98 Microsoft Security Bulletin MS07-063 Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) (Only pertains to Vista) Microsoft Security Bulletin MS07-065 Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) - This pertains to the Message Queuing Service on Win-2K and XP. - in a previous MS bulletin (MS05-017) MS played it's usual game with Windows-98 and did not specifically mention if win-98 was vulnerable, it only stated explicitly that win-me was not affected. Microsoft Security Bulletin MS07-066 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078) (only pertains to Vista) Microsoft Security Bulletin MS07-067 Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653) - only pertains to XP and Server 2003 - most likely does not pertain to win-9x
Guest dan Posted December 13, 2007 Posted December 13, 2007 Re: IE gets security makeover in Patch Tuesday batch Thanx MEB and 98 Guy.... This "common user", lol; will chill until I've done more 'dd' on the subject. Will update post if I can, and stick with what at present is a very normal functioning IE 6.... Once again thanx so much for all your input on/to this Grp. Have a great Holiday Season ! eom.... "MEB" <meb@not here@hotmail.com> wrote in message news:%23zItxuVPIHA.5988@TK2MSFTNGP02.phx.gbl... > > > "dan" <nospam@nsm.com> wrote in message > news:%23mGiW2OPIHA.1204@TK2MSFTNGP03.phx.gbl... > | Does anyone know if this is good for Win 98/IE6.5 ? > | > | > > Let me take the cross road here... I haven't checked what this particular > update supposedly does so I'll speak generally: > > Having installed some of the supposed modified updates for 9X/IE6, I can > make just a few comments. > > Though there were some that were useful updates previously, which could be > tested; the latest, from what I can find, have not really been tested > against what they supposedly fix, in the 9X environment. > I can also suggest, that these may actually cause issues within your 9X > system [at least until someone works out the kinks] if you were to attempt a > manual installation. > > If you want to keep using IE6, do so only when necessary if these > non-updated issues cause you concern. > Many of these updates make changes in the handling of ActiveX, scripting, > and other; which, as you don't have the same versions and other that a > supported system does [other updates have made significant modifications in > the supported OSs], MAY not apply at all, or potentially, could cause > problems in 9X or an application which might be designed for an older > version of a replaced file, or need that ActiveX or scripting function that > was disabled or blocked. The cross modifications and *installation testing* > of these supposed {modified} updates [as was supposedly done when Microsoft > released them for 9X, insert laugh here] is a distinctly small group of > individuals, and Microsoft definitely isn't going to make a hotfix to > correct any errors caused in the 9X system. Note, I'm NOT saying the > modified files are worthless [just not really tested], but any issues that > might pop-up are issues YOU will be fixing. > > So to state outright that yes they are safe, and needed, and will work > without issue in YOUR particular 9X configuration, would likely be a false > claim by anyone who made that statement. Many of the installation testers > run highly modified systems which will never reflect what a common user > might be running, and likely no one will have your exact application > configuration and needs. Any non-official files are USE AT YOUR OWN RISK. > Moreover, I'd think there is likely no one who can assure that these > modified files do not introduce more security flaws into the 9X environment, > as they are specifically designed for NT based operating systems and > inter-relate to other updates for those OSs. > > -- > MEB > http://peoplescounsel.orgfree.com > ________ > > > > >
Guest MEB Posted December 13, 2007 Posted December 13, 2007 Re: IE gets security makeover in Patch Tuesday batch "98 Guy" <98@Guy.com> wrote in message news:47615105.55F5B710@Guy.com... | Since MEB did not provide any details AT ALL about what he did or what | he knows regarding the recent set of patches, here is what I've found: | | http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx Oops, forgot to post the bulletin, thanks for the headsup. See new Cumulative Security post for additional links and/or information. | | Microsoft Security Bulletin MS07-064 | Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) | - directX versions 7 through 10 is affected on 2K through | Vista - IE not implicated | - this item is related to or replaces MS05-050 | - Windows 9x may benefit from this update | - The file Quartz.dll seems to be the only file updated or | replaced | | | Microsoft Security Bulletin MS07-068 | Vulnerability in Windows Media File Format Could Allow Remote Code | Execution (941569 and 944275) | - this item is related to, or is an addition to, MS06-078 | - this item pertains to Windows Media Format Runtime versions | 7.1, 9, and 9.5. Versions 6.x and 4.1 are not affected. | - Win-98 may benefit from the use of win-2k versions | of this patch (testing required) | | | Microsoft Security Bulletin MS07-069 | Cumulative Security Update for Internet Explorer (942615) | - this seems to be an update to MS07-057 | - most of MS07-069 pertains either to IE7 or 64-bit | versions of XP and server 2003 | - there *may* be one or two items either in MS07-069 | or MS-07-057 that *might* be applicable to win-98 | | | Microsoft Security Bulletin MS07-063 | Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) | (Only pertains to Vista) | | Microsoft Security Bulletin MS07-065 | Vulnerability in Message Queuing Could Allow Remote Code Execution | (937894) | - This pertains to the Message Queuing Service on Win-2K and XP. | - in a previous MS bulletin (MS05-017) MS played it's usual game with | Windows-98 and did not specifically mention if win-98 was | vulnerable, | it only stated explicitly that win-me was not affected. | | | Microsoft Security Bulletin MS07-066 | Vulnerability in Windows Kernel Could Allow Elevation of Privilege | (943078) | (only pertains to Vista) | | Microsoft Security Bulletin MS07-067 | Vulnerability in Macrovision Driver Could Allow Local Elevation of | Privilege (944653) | - only pertains to XP and Server 2003 | - most likely does not pertain to win-9x So from what you have posted, it appears that three MAY be of use depending upon what the individual user might be using or have installed. -- MEB http://peoplescounsel.orgfree.com ________
Recommended Posts