Antivirus for Win98

[Virus Guy]

Poutnik wrote:

> > And because Microsoft is still supporting win-2K, they are also
> > releasing IE6-SP1 rollup patches and fixes for it.
>
> But support and updates for W2K ends in July 2010....

And the emergence of new threats against IE6 will also end in July 2010
because so too will examination and public disclosure of new
vulnerabilities.

Not that win-98 is actually vulnerable to many of the IE6
vulnerabilities that *have* been disclosed and patched for IE6 for the
past 6 years.

[Poutnik]

In article <4BC519B6.FC98EE7E@Guy.com>, Virus@Guy.com says...
>
> Poutnik wrote:
>
> >
> > But support and updates for W2K ends in July 2010....
>
> And the emergence of new threats against IE6 will also end in July 2010
> because so too will examination and public disclosure of new
> vulnerabilities.
>
In general, not affecting just Windows:

Aside of publicly dislosed vulnerabilities,
there are plenty of not publicly disclosed vulnerabilities.
Some of them are published even more than a year after disclosing.

Far from all vulnerabilities are diclosed by SW vendors.
Being not supported makes a product in fact more vulnerable.
If you close eyes, you are not less vulnerable to violent people.


--
Poutnik
The best depends on how the best is defined.

[Virus Guy]

Poutnik wrote:

> > > But support and updates for W2K ends in July 2010....
> >
> > And the emergence of new threats against IE6 (sp1) will also end
> > in July 2010 because so too will examination and public
> > disclosure of new vulnerabilities.
>
> Aside of publicly dislosed vulnerabilities, there are plenty
> of non publicly disclosed vulnerabilities.

The exploits that you see widely circulated and used are the result of
public disclosure. This disclosure frequently happens within days of,
or at the same time as the patch or fix being made available by the
vendor.

Hackers and "exploiters" usually do not conduct their own vulnerability
research, but instead rely on public disclosure and then quickly code
their exploits for mass distribution.

The end of IE6-SP1 support will mark the end of third-party
vulnerability investigation and the rewards that come with it (yes,
people get rewarded for telling vendors about the vulnerabilities they
discover). With the end of this vulnerability investigation will also
come the end of new exploits, because hackers will also drop their focus
on IE6-SP1.

There are probably lots of XP machines still running IE6-SP2, but MS
will still be supplying patches for that for some time. But IE6-SP2 is
somewhat different (code-wise) than IE6-SP1, and most likely any
exploits written for SP2 will not function properly against SP1, and
even moreso against IE6-SP1 running on a win-98 system.

[David H. Lipman]

From: "Virus Guy" <Virus@Guy.com>

| Poutnik wrote:

>> > > But support and updates for W2K ends in July 2010....
>> >
>> > And the emergence of new threats against IE6 (sp1) will also end
>> > in July 2010 because so too will examination and public
>> > disclosure of new vulnerabilities.

>> Aside of publicly dislosed vulnerabilities, there are plenty
>> of non publicly disclosed vulnerabilities.

| The exploits that you see widely circulated and used are the result of
| public disclosure. This disclosure frequently happens within days of,
| or at the same time as the patch or fix being made available by the
| vendor.

| Hackers and "exploiters" usually do not conduct their own vulnerability
| research, but instead rely on public disclosure and then quickly code
| their exploits for mass distribution.

| The end of IE6-SP1 support will mark the end of third-party
| vulnerability investigation and the rewards that come with it (yes,
| people get rewarded for telling vendors about the vulnerabilities they
| discover). With the end of this vulnerability investigation will also
| come the end of new exploits, because hackers will also drop their focus
| on IE6-SP1.

| There are probably lots of XP machines still running IE6-SP2, but MS
| will still be supplying patches for that for some time. But IE6-SP2 is
| somewhat different (code-wise) than IE6-SP1, and most likely any
| exploits written for SP2 will not function properly against SP1, and
| even moreso against IE6-SP1 running on a win-98 system.

Hackers and "exploiters" usually do indeed conduct vulnerability research.

When they do the malicious actors disclose the information it is in the black world
outside of public view but avalable, maybe at a price, to the hacker and malware
community.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Poutnik]

In article <4BC5C0CC.B483A1E4@Guy.com>, Virus@Guy.com says...
>
> Poutnik wrote:
>
> > > > But support and updates for W2K ends in July 2010....
> > >
> > > And the emergence of new threats against IE6 (sp1) will also end
> > > in July 2010 because so too will examination and public
> > > disclosure of new vulnerabilities.
> >
> > Aside of publicly dislosed vulnerabilities, there are plenty
> > of non publicly disclosed vulnerabilities.
>
> The exploits that you see widely circulated and used are the result of
> public disclosure. This disclosure frequently happens within days of,
> or at the same time as the patch or fix being made available by the
> vendor.
>
> Hackers and "exploiters" usually do not conduct their own vulnerability
> research, but instead rely on public disclosure and then quickly code
> their exploits for mass distribution.
>

There is known fact many vulnerabilities are inherited,
often through even several generations of the products, including IE.

If there is still widely used,
not anymore supported old version of SW,
sharing vulnerability with current versions,
they are ideal hacker target.

Linux and different UNIX flavors
would be definitely more vulnerable than Windows,
because there is much more published vulnerabilities for them.

But they are not.



--
Poutnik
The best depends on how the best is defined.