Watch out, Virus Guy! Those alt.* groups are filled with XP-mutants!
--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR
(e-mail address removed)
| XP.
|
| What a joke.
|
| This is an example of Macro$haft support for a "supported product" ?
|
| How many bandaids can you (should you) apply to a product before it
| should rightly be declared "dead on arrival" ???
|
| Windows 98(se) was better "out-of-the-box" than XP is even now.
|
| -------------
|
|
http://secunia.com/product/16/
|
| Microsoft Windows XP Home Edition with all vendor patches installed
| and all vendor workarounds applied, is currently affected by one or
| more Secunia advisories rated Highly critical.
|
| This is based on the most severe Secunia advisory, which is marked as
| "Unpatched" in the Secunia database. Go to Unpatched/Patched list
| below for details.
|
| (
http://secunia.com/product/16/#advisories)
|
| Currently, 23 out of 116 Secunia advisories, are marked as "Unpatched"
| in the Secunia database.
|
| -------------
|
|
http://secunia.com/product/13/
|
| Microsoft Windows 98 Second Edition with all vendor patches installed
| and all vendor workarounds applied, is currently affected by one or
| more Secunia advisories rated Less critical
|
| This is based on the most severe Secunia advisory, which is marked as
| "Unpatched" in the Secunia database. Go to Unpatched/Patched list
| below for details.
|
| (
http://secunia.com/product/13/#advisories)
|
| Currently, 3 out of 30 Secunia advisories, are marked as "Unpatched"
| in the Secunia database.
|
| --------------
|
| Here are the 3 unpatched Win-98 issues (all of which either cause
| trivial problems or require physical access to the system). It
| appears that only the legacy installation of Microsoft Java represents
| any real lingering threat to Windows 98(se) systems that are otherwise
| fully patched and updated.
|
| --------------
|
| 1) Windows buffer overflow in riched20.dll
|
http://secunia.com/advisories/8099/
|
| The vulnerability is caused by a boundary error in the dynamic link
| library "riched20.dll" in the function that draws figure strings. This
| can be exploited by constructing a malicious ".rtf" file where the
| figure string sets a font size larger than 1024 bytes and luring a
| user to open the file. Any application using the vulnerable function
| in "riched20.dll" will crash.
|
| Solution: Do not open files with RTF content from untrusted sources.
|
| ----------------
|
| 2) Microsoft Java Virtual Machine Cross-Site Communication
| Vulnerability
|
http://secunia.com/advisories/12047/
|
| Marc Schoenefeld has reported a vulnerability in Microsoft Java
| Virtual Machine, allowing Java applets originating from different
| domains to communicate.
|
| The problem is that applets share a common class loader for the system
| classes, allowing sites to use public static fields for Cross-Site
| communication. This could potentially be exploited to cause
| information leakage.
|
| This is a breach of sandbox restrictions.
|
| The vulnerability has been reported in version 5.0.0.3810. Other
| versions may also be affected.
|
| Solution: Use another Java implementation.
|
| ----------------
|
| 3) Microsoft Windows Unspecified USB Device Driver Vulnerability
|
http://secunia.com/advisories/16210/
|
| A vulnerability has been reported in Microsoft Windows, which can be
| exploited by malicious people with physical access to a vulnerable
| system to compromise it.
|
| The vulnerability is caused due to an unspecified boundary error in a
| USB device driver and can be exploited to cause a buffer overflow via
| a specially crafted USB device.
|
| Successful exploitation allows execution of arbitrary code with SYSTEM
| privileges, but requires physical access to a vulnerable system
|
| Solution: Restrict physical access to vulnerable systems.
| Disable USB support.
