B
O
optikl
Bart said:
Good to see you're still alive
. Hope you're well, too.
V
Virus Guy
Bart said:
"Over the past few months, the two attack vectors that we saw in
volume were against the Windows DCOM (Distributed Component Object
Model) interface of the RPC (remote procedure call) service"
Why doesn't Microsoft say if Win-98 is affected by that item?
http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx
"Microsoft tested Windows Me, Windows NT 4.0, Windows NT 4.0 Terminal
Services Edition, Windows 2000, Windows XP and Windows Server 2003, to
assess whether they are affected by this vulnerability. Previous
versions are no longer supported, and may or may not be affected by
this vulnerability."
So why does MS make a point of testing NT4 for this vulnerability, and
then states that "previous versions are no longer supported" ?! NT4
is older than 98, and NT4's support period has passed while 98's
support period has been lengthened.
Is Win-98 vulnerable to the DCOM thing?
B
Bart Bailey
Good to see you're still alive
TNX
Been spending time with my neglected amateur radio hobby.
B
Bart Bailey
See this: http://www.ntisys.com/bulletins/MS-DCOM-exploits.html
~~~
"It is possible to install DCOM onto Windows 98 and ME using an add-on
package available from Microsoft. While Microsoft has said that Windows
98 is not vulnerable to the DCOM flaw, neither Microsoft, nor any third
party, has, to my knowledge, explicitly confirmed or denied that the
DCOM add-on is not vulnerable. The DCOMCNFG utility described in MSKB
825750 reportedly does work on Win 98/ME systems with the DCOM add-on
installed. People running such systems may want to take the steps
described in MSKB 825750 to disable DCOM, using that utility."
~~~
http://www.ntisys.com/bulletins/MS-DCOM-exploits.html