No Fix for Critical Windows 98, Me Flaw

Discussion in 'other security issues & news' started by ronjor, Jun 9, 2006.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,774
    Location:
    Texas
    Story
     
  2. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I had windows 98SE on my old computer. 2 years ago I read M$ are planing to phase out support for windows 98/98SE, so I bought a licensed copy of Windows XP w/SP2 and also put in a new HD. I am lucky I can afford this, many people can't for different reasons. For people who just can't afford it (third world countrys) there is Windows XP starter edition.
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,774
    Location:
    Texas
    The way things are going, open source may be the only hope for many.
     
  4. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    I am surprised that he is surprised, if you see the money that is involved to upgrade to a newer version. Specially if you have more than one computer to maintain at home.

    Lamehand
     
  5. herbalist

    herbalist Guest

    They sure try to make it sound like impending doom for 98 users.
    From the article:
    Any decent security suite should accomplish this. Then again, users could always close this port manually.
    http://www.grc.com/su-bondage.htm
    From Microsoft Security Bulletin MS06-015
    You may be compromised if:
    1, you can be convinced to click on something you shouldn't,
    and
    2, Your not using a firewall,
    and
    3 You haven't closed these ports manually
    I can't hardly call this a critical vulnerability to anyone who practices even semi-reasonable security. If the first 2 items describe any user and their PC, it won't matter what OS they're using. They're probably compromised horribly already and one more won't make a difference.
    Rick
     
  6. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    So my openbsd box that is exposed to the internet is in danger :eek:

    Come on, many OS's don't need a firewall, and since there is no malware in the wild for many os's, then clicking on things isn't going to pose a problem.

    Now, any version of windows your statement will apply to.

    Cheers,

    Alphalutra1
     
  7. herbalist

    herbalist Guest

    I was definitely referring to windows OS. Anyone running BSD is already very security minded.
     
  8. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    It's just another 'make them scared' -tactic to drive the hurd into the direction of XP or even Vista.
    It could backfire though, one could be driven into the direction of a linux-distro. :)


    Lamehand
     
  9. herbalist

    herbalist Guest

    Pretty much. Yes, the vulnerability is real but the user has to be nearly unsecured and then be deceived on top of that. They initially did the same thing with the .wmf exploit, saying they wouldn't patch 98 against it. Turned out it wasn't vulnerable in the first place, at least not in the form it was released, but a lot of XP users took a beating.
    Rick
     
  10. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    herbalist, i know you are a big fan of windows 98, but what are you gonna do when in the future a real vulnerability pops up in 98?, you know one of those things you can't fix in a easy way or with security applications.

    Lamehand
     
  11. herbalist

    herbalist Guest

    It's not so much that I'm a fan of 98. I just badly dislike XP and everything I've read about Vista. I also like DOS and rely on it to secure windows.
    If one turns up that I can't block out with a firewall, filter out with Proxomitron, keep from executing with SSM, isn't caused by my doing/clicking something stupid, and I can't find any other way to stop it, I'll probably switch to Linux or a BSD version. Then again, I could get stubborn about it, figure out exactly what files, registry entries, etc are being compromised and include it into the restore process that runs in DOS when I reboot. I'm hoping to get a multi-OS box put together in not too much longer. Still downloading BSD, got Ubuntu burned to CD. Once I get the boot setup figured out, I'll have new toys to learn and play with. :D
    I'm still waiting to see such a vulnerability. It might happen, it might not. I'll deal with it one way or another.
    Rick
     
  12. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    I understand what you're saying, why not use it when it's not broken.
    There are other things to consider aswell, i realised that after reading that Firefox 3.0
    won't run on windows 98.
    So when the applications used don't support 98 anymore it could get more difficult to maintain a secure level of some sort, with or without the presence of a critical flaw.

    Lamehand
     
Loading...
Thread Status:
Not open for further replies.