Windows NT, 95, 98, and Me are supported by Microsoft only for customers
who PAY A FEE. As a result, Microsoft releases patches for these
operating systems only to people who have Premier support contracts with
the company.

However, as was reported on the Patch Management blog by Eric Schultze
of patch-management vendor Shavlik.com, Microsoft has provided a fix for
MS08-067 to customers who pay for NT patches.

Is there any way to find out if MS has patch for win-98 for MS08-067
(assuming that win-98 is vulnerable) that would be available only
through a support contract?

98 Guy > wrote in :

> Windows NT, 95, 98, and Me are supported by Microsoft only
> for customers who PAY A FEE. As a result, Microsoft
> releases patches for these operating systems only to people
> who have Premier support contracts with the company.
>
> However, as was reported on the Patch Management blog by
> Eric Schultze of patch-management vendor Shavlik.com,
> Microsoft has provided a fix for MS08-067 to customers who
> pay for NT patches.
>
> Is there any way to find out if MS has patch for win-98 for
> MS08-067 (assuming that win-98 is vulnerable) that would be
> available only through a support contract?

I could be wrong, but I believe even though MS no longer
"supports" 9x etc, /IF/ an exploit affects those OS's that IS
mentioned on the exploit info page. Since nothing but 2000 and
up are mentioned, you have nothing to worry about.



--
"May you live in interesting times."
(curse, origin disputed)

thanatoid wrote:

> > Is there any way to find out if MS has patch for win-98 for
> > MS08-067 (assuming that win-98 is vulnerable) that would be
> > available only through a support contract?
>
> I could be wrong, but I believe even though MS no longer
> "supports" 9x etc, /IF/ an exploit affects those OS's that IS
> mentioned on the exploit info page.

I've mentioned many times here that MS has never been clear about the
status of win-98 in their security advisory bulletins since win-98
support ended in July 2006, and in some cases before July 2006.

The reality is that the opening statements of most MS security
advisories is written in a way to give you the impression that win-98
_is_ affected (and the tech press pick up on that and report only that)
but when you drill down deeper into the advisory, you see that MS makes
NO definitive claim regarding win-98 and the vulnerability in question.
Instead, all you find is a generic statement about the support status of
win-98.

So Microsoft itself has been an absolutely useless source of information
regarding the succeptibility of win-98 to any vulnerabilities discovered
since July 2006.

One theory is that win-98 is not susceptible to many or most of those
new vulnerabilities, and MS wants to downplay that fact by simply not
announcing it in each advisory.

But the fact remains that it is possible to obtain patches and fixes for
win-98 through extended support contracts - assuming that such patches
are even necessary.

Anyone who works for a corporation or institution that has such a
support contract could at least find out _IF_ MS has or is offering any
patches for win-98 that are not being made available publically.

"98 Guy" > wrote in message ...

> the opening statements of most MS security
> advisories is written in a way to give you the impression that win-98
> _is_ affected (and the tech press pick up on that and report only that)
> but when you drill down deeper into the advisory, you see that MS makes
> NO definitive claim regarding win-98 and the vulnerability in question. .
.. .
> So Microsoft itself has been an absolutely useless source of information
> regarding the succeptibility of win-98 to any vulnerabilities discovered
> since July 2006.

In other words the "meaning" of "no further support" is exactly
what common sense suggested years ago.

> But the fact remains that it is possible to obtain patches and fixes for
> win-98 through extended support contracts - assuming that such patches
> are even necessary.

Yes, and there might be invisible fairies at the bottom of the
garden. What really matters is whether Win98 runs trouble-
free and intruder-free: only if it does not does anyone want to know
whether any patches have actually been written since 2006.
If this is a null class (extended support may be bought, but no
one has actually bought it) it is irrelevant.

--
Don Phillipson
Carlsbad Springs
(Ottawa, Canada)

Don Phillipson wrote:

> > So Microsoft itself has been an absolutely useless source of
> > information regarding the succeptibility of win-98 to any
> > vulnerabilities discovered since July 2006.
>
> In other words the "meaning" of "no further support" is exactly
> what common sense suggested years ago.

What the hell is the matter with you?

Stating a simple fact (that a given vulnerability does or does not apply
to windows 98) does not itself constitute support.
> > But the fact remains that it is possible to obtain patches and
> > fixes for win-98 through extended support contracts - assuming
> > that such patches are even necessary.
>
> Yes, and there might be invisible fairies at the bottom of
> the garden.

What - are you publically doubting that any such paid or contract
support still exists for win-98?

When proof was given at the start of this thread that such support
continues to be made available for NT?

> What really matters is whether Win98 runs trouble-free
> and intruder-free:

And what nuggets of golden information are you providing on that front?

> only if it does not does anyone want to know whether any
> patches have actually been written since 2006.

What cracked logic that is.

And how many people running XP would have thought that their systems
were running trouble-free and intruder-free prior to MS08-067?

How many people have a PC that's part of a bot-net - and don't know it?

Your logic: I don't need to patch a security hole until after it's been
taken advantage of, because up to that point I don't need the patch.

> If this is a null class (extended support may be bought, but no
> one has actually bought it) it is irrelevant.

Why don't you reformulate your point so that humans can understand it.