Bugtraq mailing list archives
Re: Too much misleading advice on the Universal Plug-and-Play security hole
From: Matthew Caron <matt () ele uri edu>
Date: Thu, 27 Dec 2001 11:58:09 -0500
Once again for those of us that missed it in Microsoft's bulletin the first time: Affected Software: Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows ME Microsoft Windows XP That means, and as I've said to one to many reporters, if you or someone you> know is running Windows 98/ME/XP then you/they need to install the patch.
Not true. From: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-059.asp "Windows 98 and 98SE do not include a native UPnP service, but one can be installed via the Internet Connection Sharing client that ships with Windows XP." Therefore 98 and 98SE are not inherently vulnerable. They are only vulnerable if you've installed that service from XP. -- My romantically involved friends are constant reminders of the benefits, however few, of being single. ~~ Matt Caron ~~
Current thread:
- Too much misleading advice on the Universal Plug-and-Play security hole Richard M. Smith (Dec 26)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Marc Maiffret (Dec 27)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Richard M. Smith (Dec 29)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole David LeBlanc (Dec 30)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Paul Schmehl (Dec 29)
- Re: Too much misleading advice on the Universal Plug-and-Play security hole Matthew Caron (Dec 29)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Richard M. Smith (Dec 29)
- RE: Too much misleading advice on the Universal Plug-and-Play security hole Marc Maiffret (Dec 27)