Windows 98 WMF patch



This hopefully will be my last post on the whole WMF exploit stuff…. It’s prompted in part by a comment on one of the articles on Windows 98 and the vulnerability. I realized that I hadn’t really brought things to a full conclusion for the Windows 98 users. Of course, Microsoft has released an official patch for Windows 2000 and XP and 2003, the sky is no longer falling quite as quickly and all is well right? Well, not exactly for pre-2000 Windows users. They’ve just been told, they have a vulnerability, it’s not as critical as it is for XP/2000/2003 and if it were critical – “oh we’d fix it there too”, but it’s not, better luck next time (and who knows the same vulnerability could come around more critical for earlier Windows versions next time…) Anyway, there IS a patch for Windows 98 systems.


In all the flurry of activity over the coverage of the official patch, I don’t know that much attention got paid to an antivirus vendors patch for the WMF exploit. It runs on Windows XP/2000/2003 which at this point is a moot point, but also on Win9x and WinME. NOD32 is the antivirus vendor that has done this. It works a bit differently than the other, unofficial patch that was out. It shouldn’t require a reboot.

I did test this in a Win98 virtual machine and what little I tested, I saw no side effects. I do not have printing setup (so I couldn’t test to see if the printing bug related to the unofficial patch affects this one as well..) The patch is distributed without warranties.

Since I don’t have a working exploit for Windows 98 (never could get the proof of concept exploits to even run calc.exe on the machine…. looks like no one else could either…), I don’t have a way to verify how effective it is on Windows 98. If some other exploit finds a way to gain traction on Windows98 we’ll have to see how well this patch solves it.

Until then, Windows 9x and ME users should be considering options for upgrading either to newer Windows versions (I’d avoid XP Home as support is intended to start phasing out at the end of this year.) You might also consider upgrading to a Mac or Linux system. Depending on what you do with your pc, either of those can be good options.

Related Posts

Blog Traffic Exchange Related Posts
  • Windows 98 won't see the MS06-15 patch It turns out that Windows 98 is just too hard for Microsoft to support with a security patch for MS06-15 now. The official support period ends in July, but they've announced that this one won't be getting a patch as the changes would be just too substantial. Some of the......
  • Running UltraVNC viewer under wine I talked in the last entry about using UltraVNC and UltraVNC Single Click (ultravnc sc) as a means of doing remote desktop support. The idea is that you (the technical support person), setup vncviewer to listen for connections, then the end user with pc problems can download your customized ultravnc......
  • System patching 0-days and ancient-day vulnerabilities There's a good article at Michael Sutton's Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to......
Blog Traffic Exchange Related Websites
  • Internet Marketing Flaw (function() {var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];s.type = 'text/javascript';s.async = true;s.src = 'http://widgets.digg.com/buttons.js';s1.parentNode.insertBefore(s, s1);})(); 5Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})(); 5 Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})();......
  • Money Merge Account Analysis Pt 23 Last week I shared a view of the MMA dashboard. As Greg commented, we should be able to calculate the optimum initial transfer from HELOC to mortgage, using the sample numbers given. Well, a bit more simple arithmetic, and I have it. From the example cash flow, we simply strike......
  • My Journey’s July 16th 2009 Update One of the main reasons I started this site was to keep myself accountable to anyone that was reading. Ironic part, is that when I started I probably had no one reading so it was an exercise in futility! Fiscal Update My last update was on May 29, 2009 and......
PDF Converter    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site