(Msg. 1) Posted: Sat Oct 25, 2008 2:29 am
Post subject: Does the RPC Attack affect Win 98? Archived from groups: microsoft>public>win98>gen_discussion (more info?)
Customers who require custom support for older releases must
contact their Microsoft account team representative, their
Technical Account Manager, or the appropriate Microsoft partner
representative for custom support options
Does this mean M$ is still supporting 98 for people with
custom contracts?
The bulletin also states in the FAQs"
What systems are primarily at risk from the vulnerability?
While all workstations and servers are at risk regarding this
issue, systems running Microsoft Windows 2000, Windows XP, or
Windows Server 2003 are primarily at risk due to the unique
characteristics of the vulnerability and affected code path.
Does Win 98 share these "unique characteristics?"
What is the difference between "all workstations and servers"
being at risk but just some being "primarily" at risk because of
"unique characteristics."
Normally I do not log on and have the browser available, i.e., I
can't look at other systems on my local network. Does that leave
me safe?
(Msg. 2) Posted: Sat Oct 25, 2008 11:12 am
Post subject: Re: Does the RPC Attack affect Win 98? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
I would bet that the problem (which required a very rare emergency
update a couple of days ago for NT-based systems) is with the "server"
service, possibly performed by the file rpcss.exe. I would bet that
win-9x is not vulnerable to the exploit being addresses in that
bulletin.
Furthermore, isin't Dcom related to (or required to be installed /
running) for RPC to function on win-9x?
If you're connected to the internet via a NAT-router, then you won't see
any port 135 connection attempts anyways.
Many services by default are listening on network interfaces, including
the local loopback interface. For example, the Microsoft remote
procedure call (RPC) port mapper listens on TCP/135, UDP/135, TCP/1027,
and TCP/1028. Three of these services — the RPC client, RPC server, and
RPC end-point mapper — can be configured to close all open ports.
However, these changes must be carefully tested because they can break
functionality, not only with remote hosts, but also between local
services.
Microsoft Exchange and Microsoft SQL Server™ are the most commonly
deployed applications that require RPC. Additionally, RPC calls are used
during remote management of servers. The common built-in utilities that
are dependent on RPC services are:
DHCP Manager
DNS Administrator
WINS Manager
Performance Monitor
Event Viewer
Registry Editor
Server Manager
User Manager
----------------
(Msg. 3) Posted: Sat Oct 25, 2008 5:28 pm
Post subject: Re: Does the RPC Attack affect Win 98? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Support for Win98 ended in early July 2006. Is Win98 vulnerable to this
exploit? Possibly, but MS isn't going to tell you or issue a patch for any
non-supported OSS.
If you're behind a firewall *and* file/printer sharing is disabled, you
should be OK.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
smith wrote:
> Does the RPC attack affect Win 98?
>
>
> M$ Security Bulletin:
> http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx >
>
> The Bulletin states:
>
> Customers who require custom support for older releases must
> contact their Microsoft account team representative, their
> Technical Account Manager, or the appropriate Microsoft partner
> representative for custom support options
>
> Does this mean M$ is still supporting 98 for people with
> custom contracts?
>
> The bulletin also states in the FAQs"
>
> What systems are primarily at risk from the vulnerability?
>
> While all workstations and servers are at risk regarding this
> issue, systems running Microsoft Windows 2000, Windows XP, or
> Windows Server 2003 are primarily at risk due to the unique
> characteristics of the vulnerability and affected code path.
>
> Does Win 98 share these "unique characteristics?"
>
> What is the difference between "all workstations and servers"
> being at risk but just some being "primarily" at risk because of
> "unique characteristics."
>
> Normally I do not log on and have the browser available, i.e., I
> can't look at other systems on my local network. Does that leave
> me safe?
(Msg. 4) Posted: Sat Oct 25, 2008 5:58 pm
Post subject: Re: Does the RPC Attack affect Win 98? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
"PA Bear [MS MVP]" wrote:
> If you're behind a firewall *and* file/printer sharing is disabled,
> you should be OK.
Even with file/print sharing enabled, how would an RPC packet get past a
firewall (ie - NAT router) ?
(Msg. 5) Posted: Sat Oct 25, 2008 8:59 pm
Post subject: RE: Does the RPC Attack affect Win 98? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
I would be surprised if remote procedure call (rpc) affects Windows 98 since
that is one of the great things that I enjoy about Windows 98 is that it does
not have the ability to allow another os to easily connect to Windows 98 like
Windows XP has. In Windows XP, Microsoft can use Easy Assist in order to
remotely try and work on your system from their end. I have not seen this
procedure ever used in Windows 98.
The thing is that with less there is more in some cases especially with
their being less services in Windows 98 compared to Windows XP and this has
the affect of their being less attack vectors to compromise a user's system.
If you put an unpatched XP system on the 'Net and an unpatched 98 system on
the 'Net I would be surprised if the 98 system was compromised before the XP
system. I found this by researching with Google and it appears RPC is not a
component of Windows 98.
Sometimes, it seems you go backwards with progress because RPC according to
this Microsoft bulletin does not affect Windows NT or Windows 98 but
certainly affects Windows 2000, Windows XP and Windows Server 2003. Long
Live Windows 98.
"smith" wrote:
> Does the RPC attack affect Win 98?
>
>
> M$ Security Bulletin:
> http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx >
>
> The Bulletin states:
>
> Customers who require custom support for older releases must
> contact their Microsoft account team representative, their
> Technical Account Manager, or the appropriate Microsoft partner
> representative for custom support options
>
> Does this mean M$ is still supporting 98 for people with
> custom contracts?
>
> The bulletin also states in the FAQs"
>
> What systems are primarily at risk from the vulnerability?
>
> While all workstations and servers are at risk regarding this
> issue, systems running Microsoft Windows 2000, Windows XP, or
> Windows Server 2003 are primarily at risk due to the unique
> characteristics of the vulnerability and affected code path.
>
> Does Win 98 share these "unique characteristics?"
>
> What is the difference between "all workstations and servers"
> being at risk but just some being "primarily" at risk because of
> "unique characteristics."
>
> Normally I do not log on and have the browser available, i.e., I
> can't look at other systems on my local network. Does that leave
> me safe?
>
>
>
All times are: Eastern Time (US & Canada) (change)
Page 1 of 1
You can post new topics in this forum You can reply to topics in this forum You can edit your posts in this forum You can delete your posts in this forum You can vote in polls in this forum
Home
Forums
Home
FAQ
Profile
Private Messages
Log in
Windows Other