A
Art
To distribute the load, use Steve Gibson's web site:
http://www.grc.com/sn/notes-020.htm
Art
http://home.epix.net/~artnpeg
http://www.grc.com/sn/notes-020.htm
Art
http://home.epix.net/~artnpeg
My assumption was correct. Too many hits on the website. Thankfully we
have Gibson Research to the rescue.
Art said:Note this from Steve's site as well:
This should help clarify some of the confusion concerning the
vulnerabity of 98/ME. These systems are vulnerable,
ARG!
You can't say that Win-9x is vulnerable until it's clear that 9x
actually has a component that is responsible for rendering or handling
wmf files.
We know that Macro$loth didn't include shell handling of wmf files
until (apparently) ME.
http://support.microsoft.com/?kbid=272969
Art said:Aside from the fact that experts claim a inherent vulnerability
exists going back as far as Win 3.X
.... I found several descriptions of earlier WMF exploits
where Win 98 is included as one of the OS susceptable. Here's
one example that's over a year old:
http://www.proantivirus.com/en/viruses/virusinfo_detail.php?ID=554
Symantec has several old descriptions along similar lines where
Win 98 is included.
Virus Guy said:And I will say the same thing. 9X systems remain in-vulnerable unless
or until someone can point out how those systems use native M$ code or
components to handle wmf files.
The truth is, for the vast majority of 9X systems out there, that wmf
files are unknown file types and they have no idea how to handle them
- which turns out to be a good thing.
Virus Guy said:ARG!
You can't say that Win-9x is vulnerable until it's clear that 9x
actually has a component that is responsible for rendering or handling
wmf files.
ARG!
You can't say that Win-9x is vulnerable until it's clear
that 9x actually has a component that is responsible for
rendering or handling wmf files.
We know that Macro$loth didn't include shell handling of
wmf files until (apparently) ME.
http://support.microsoft.com/?kbid=272969
FWIW:
IrfanView running on W95 B (4.00.950 b) opens and displays w/o
problems and or side effect all five .WMF test files from the
German site (cf. Gabriele Neukam's post).
So, that ver. of W95 on that particular PC is not vulnerable.
Vulnerability checker from hexblog.com confirms that (tho it's
not clear if the checker can analyze W9x correctly).
IrfanView running on W95 B (4.00.950 b) opens and displays w/o
problems and or side effect all five .WMF test files from the
German site (cf. Gabriele Neukam's post).
So, that ver. of W95 on that particular PC is not vulnerable.
Todd H. said:What's interesting is how strenuously you deny the possibility
that win98 is vulnerable, when Microsoft themselves says it is.
http://www.microsoft.com/technet/security/advisory/912840.mspx
According to:
http://www.microsoft.com/technet/security/advisory/912840.mspx
Win 98 and 98 SE are referenced. Expand the "overview" section
and you'll see.
FWIW:
IrfanView running on W95 B (4.00.950 b) opens and displays w/o
problems and or side effect all five .WMF test files from the
German site (cf. Gabriele Neukam's post).
So, that ver. of W95 on that particular PC is not vulnerable.
Virus said:ARG!
You can't say that Win-9x is vulnerable until it's clear that 9x
actually has a component that is responsible for rendering or handling
wmf files.
FWIW:
IrfanView running on W95 B (4.00.950 b) opens and displays w/o
problems and or side effect all five .WMF test files from the
German site (cf. Gabriele Neukam's post).
So, that ver. of W95 on that particular PC is not vulnerable.
Vulnerability checker from hexblog.com confirms that (tho it's
not clear if the checker can analyze W9x correctly).
Virus Guy said:No. What's interesting is that I already posted an argument about
what Micro$haft wrote on that above-mentioned web page on Saturday.
You apparently didn't read it. I will reproduce it below:
The inclusion of Win-98 in the above list is nothing but a lie.
Agreed. My observations were about one box in its whatever
space-time continuum.
Agreed. My observations were about one box in its whateverThat version, COMBINED WITH THE PRESENTLY INSTALLED
PROGRAMS, is not vulnerable to THIS exploit.
Nobody runs Win95 or Win98 without other programs. What use
would it be?