Windows 98 WMF patch



This hopefully will be my last post on the whole WMF exploit stuff…. It’s prompted in part by a comment on one of the articles on Windows 98 and the vulnerability. I realized that I hadn’t really brought things to a full conclusion for the Windows 98 users. Of course, Microsoft has released an official patch for Windows 2000 and XP and 2003, the sky is no longer falling quite as quickly and all is well right? Well, not exactly for pre-2000 Windows users. They’ve just been told, they have a vulnerability, it’s not as critical as it is for XP/2000/2003 and if it were critical – “oh we’d fix it there too”, but it’s not, better luck next time (and who knows the same vulnerability could come around more critical for earlier Windows versions next time…) Anyway, there IS a patch for Windows 98 systems.


In all the flurry of activity over the coverage of the official patch, I don’t know that much attention got paid to an antivirus vendors patch for the WMF exploit. It runs on Windows XP/2000/2003 which at this point is a moot point, but also on Win9x and WinME. NOD32 is the antivirus vendor that has done this. It works a bit differently than the other, unofficial patch that was out. It shouldn’t require a reboot.

I did test this in a Win98 virtual machine and what little I tested, I saw no side effects. I do not have printing setup (so I couldn’t test to see if the printing bug related to the unofficial patch affects this one as well..) The patch is distributed without warranties.

Since I don’t have a working exploit for Windows 98 (never could get the proof of concept exploits to even run calc.exe on the machine…. looks like no one else could either…), I don’t have a way to verify how effective it is on Windows 98. If some other exploit finds a way to gain traction on Windows98 we’ll have to see how well this patch solves it.

Until then, Windows 9x and ME users should be considering options for upgrading either to newer Windows versions (I’d avoid XP Home as support is intended to start phasing out at the end of this year.) You might also consider upgrading to a Mac or Linux system. Depending on what you do with your pc, either of those can be good options.

Related Posts

Blog Traffic Exchange Related Posts
  • Windows XP SP3 Well, in the article the other day about the Windows wireless problem/(feature that could be exploitable?) there was a mention that the default behaviour for Windows would be changed with the next service pack, for XP users that's SP3. So, when can we expec this? It seems that service pack......
  • WMF exploit testing on Windows 98 I had hoped to get in another test of Windows 98 with yet another WMF viewer (tried Kodak imaging, and irfanview). So far I haven't seen a way that the WMF exploits can work on Windows 98 SE. I'm running out of time before I have to run to some......
  • Running UltraVNC viewer under wine I talked in the last entry about using UltraVNC and UltraVNC Single Click (ultravnc sc) as a means of doing remote desktop support. The idea is that you (the technical support person), setup vncviewer to listen for connections, then the end user with pc problems can download your customized ultravnc......
Blog Traffic Exchange Related Websites
  • My Journey’s July 16th 2009 Update One of the main reasons I started this site was to keep myself accountable to anyone that was reading. Ironic part, is that when I started I probably had no one reading so it was an exercise in futility! Fiscal Update My last update was on May 29, 2009 and......
  • Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution Vulnerability in Windows Shell Could Allow Remote Code Execution Published: July 16, 2010 Version: 1.0 General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as......
  • Network Marketing Blog - Are Your Blog Comments Working? (function() {var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];s.type = 'text/javascript';s.async = true;s.src = 'http://widgets.digg.com/buttons.js';s1.parentNode.insertBefore(s, s1);})(); 16Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})(); 16 Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})();......
PDF Converter    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site