Prev: Windows 2000 and XP-SP2 are now officially "End of Life" Today
Next: Installing generic printer
From: 98 Guy on 18 Jul 2010 20:00
Dan W wrote:

> Well, it appears Windows 98 possibly may be vulnerable to this
> exploit as well according to user comments from an article on
> the topic.

You are referring to a comment where someone quoted Symantec's list of
vulnerable systems, listing 95, 98 and ME along with most other NT OS's.

The source of that information is this:

http://www.symantec.com/security_response/writeup.jsp?docid=2010-071400-3123-99&tabid=2

----------
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me,
Windows Vista, Windows NT, Windows Server 2003, Windows 2000
CVE References: CVE-2010-2568
----------

But note the following from the technical description:

----------
The worm creates the following registry entry for the above service:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRxCls\"ImagePath"
= "%System%\drivers\mrxcls.sys"

It also registers the file mrxnet.sys as a service with the following
characteristics:
Display Name: MRXNET
Startup Type: Automatic
---------

Windows 9x/me does not have a "service" mechanism the way that NT-based
OS's do. So that description does not accurately describe how this
"worm" would work on a win-9x/me system. Which leads me to believe that
it wouldn't work.

Also, this is an analysis of the *payload code* that is run on systems
that have been comprimised by the .lnk vulnerability. It doesn't say
that the .lnk vulnerability itself is operational on Windows 9x/ME
systems.

The way I read this, this is just typical carelessness on the part of
Symantec in lumping 9x/me into the laundry list of vulnerable OS's.

This is not limited to flash drives. This could be circulated via
web-page construction, ftp sites and e-mail attachments.
 | 
Pages: 1
Prev: Windows 2000 and XP-SP2 are now officially "End of Life" Today
Next: Installing generic printer