Lack of working exploit does not mean Windows 98 is safe



I want to try to clarify a point. I’ve spent a couple days trying to get current exploits to work on a Windows 98 SE virtual machine. Not to prove that Windows 98 is safe, but to determine if current exploits affect Windows 98. Yesterday evening there were apocalyptic headlines saying that virus threatens every windows os shipped since 1990 which is overhyped. The current vulnerability exists in every windows operating system shipped since 1990. The current exploit for that vulnerability doesn’t seem to work on Windows 98 (you have to go a long ways to find a configuration that the current exploit works with… I haven’t yet.) This does not mean that Windows 98 is invulnerable. It simply means that this specific attack does not easily work. Tomorrow may be different, now that the problem is known, it may be just a matter of time before someone determines WHY windows 98 is not as affected and “correct” the problem.


I hope I haven’t implied that lack of market share (3% or so of my Windows using visitors, use Win 98) will keep Windows 98 users from harm. There are some fundamental architectural differences between 98 and XP, XP does have a bigger userbase, but Windows 98 could be trivial to exploit if someone was interested. The fact is, it’s a question mark.

So, at this point Windows 98 users don’t have to bail out in droves instantly with no hope for protection. But the upgrade path should be planned, whether it’s a move to Windows XP, a planned move to Vista, or an upgrade to a Linux OS, or Mac. Be preparing your exit plans.

   Send article as PDF   

Similar Posts