Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to antdude
Re: MS Security Bulletin Advanced Notification for 4/3/2007
ALL Operating Systems from Microsoft starting with W95 are affected by ANI exploit.
It has been confirmed by members of the GRC Security NG that W95, 98/98SE, and ME are affected by this critical vulnerability. Unfortunately, there will be NO patch for them. Also, unfortunately, the patch issued by ZERT which originally stated that it patched Windows 98/98SE DOES NOT PATCH any system below 2000.
Considering the number of 98 users world wide, I think this is one instance where a patch should be issued. Most people still using 98 or ME are doing so because the machines are too old to allow upgrades of the OS without substantial hardware upgrades which make no sense on machines this old. Still these old machines generally have a lot less hardware issues than new machines (at least if they are Dells) and are adequate for email and websurfing. Many of those using these old OSes use IE only and use Outlook Express. Maybe they can move to web mail with out much difficulty but moving to another browser is something most probably won't do.
A vulnerability this serious should be patched...not other less serious things...but this should be patched IMO. While these old machines may be of no interest to criminals for purposes of netbots, people doing banking and shopping online on these old machines with old OSes would be of interest to criminals.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"
»www.msfirefox.com/ |
