Re: How is Blaster caught?

• Previous message: cquirke: "Re: How is Blaster caught?"
• In reply to: cquirke: "Re: How is Blaster caught?"
• Next in thread: FromTheRafters: "Re: How is Blaster caught?"
• Reply: FromTheRafters: "Re: How is Blaster caught?"
• Reply: Gabriele Neukam: "Re: How is Blaster caught?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 17 Aug 2003 15:45:25 GMT

On Sun, 17 Aug 2003 17:32:00 +0200, cquirke <cquirke@iafrica.com>
wrote:

>>I wasn't aware of that bolt-on, but then I'm not entirely clear what RPC
>>*does* anyway <g> If they made the buffer overrun mistake back in NT 4 or
>>whenever,it seems unlikely they happened to fix it when they made the win98
>>bolt-on, n'est ce pas?
>
>As has been pointed out, the bolt-on files for Win98xx (and presumably
>WinME) are versioned as per NT (4.0?), suggesting the same hole is
>likely. If the RPC add-on was pushed via Windows Update, it may be an
>ironic case of patching yourself *into* trouble.
>
>Precidents exist, where MS has seriously underestimated the scope of a
>hole because they forgot how they pushed and dribbled functionality
>outside of the obvious version lines. Remember the SQL server hole
>that turned out to be relevant to many Win9x, thanks to a "lite"
>version being bundled with Office's Access post-Jet database engine?

1. Does the patch install on Win 98/ME ?
2. Since Win 98 is no longer supported will there ever be a patch?
3. Have there been any confirmed cases of Win 98/ME infections by the
current worm and its variants?

  
Art
http://www.epix.net/~artnpeg

• Previous message: cquirke: "Re: How is Blaster caught?"
• In reply to: cquirke: "Re: How is Blaster caught?"
• Next in thread: FromTheRafters: "Re: How is Blaster caught?"
• Reply: FromTheRafters: "Re: How is Blaster caught?"
• Reply: Gabriele Neukam: "Re: How is Blaster caught?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]