Attack Trends: 2004 and 2005

"Over the past few months, the two attack vectors that we saw in volume were against the Windows DCOM (Distributed Component Object Model) interface of the RPC (remote procedure call) service"

Why doesn't Microsoft say if Win-98 is affected by that item?

"Microsoft tested Windows Me, Windows NT 4.0, Windows NT 4.0 Terminal Services Edition, Windows 2000, Windows XP and Windows Server 2003, to assess whether they are affected by this vulnerability. Previous versions are no longer supported, and may or may not be affected by this vulnerability."

So why does MS make a point of testing NT4 for this vulnerability, and then states that "previous versions are no longer supported" ?! NT4 is older than 98, and NT4's support period has passed while 98's support period has been lengthened.

Is Win-98 vulnerable to the DCOM thing?

In Message-ID: posted on Wed, 15 Jun 2005

23:35:40 -0400, Virus Guy wrote: Begin

See this:

"It is possible to install DCOM onto Windows 98 and ME using an add-on package available from Microsoft. While Microsoft has said that Windows

98 is not vulnerable to the DCOM flaw, neither Microsoft, nor any third party, has, to my knowledge, explicitly confirmed or denied that the DCOM add-on is not vulnerable. The DCOMCNFG utility described in MSKB 825750 reportedly does work on Win 98/ME systems with the DCOM add-on installed. People running such systems may want to take the steps described in MSKB 825750 to disable DCOM, using that utility." ~~~