We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft leaves 98 to the hackers

Too much effort

Microsoft has defended its decision not to patch a critical security flaw in Windows 98.

Support for the operating system officially ends next month on 12 July.

The vulnerability exists in Windows Explorer and the way it handles Component Object Model objects, whereby a malicious website could force a connection to a remote server where Explorer could fail, executing arbitrary code and giving the attacker complete control of the OS.

Patches correcting the flaw were issued for Windows 2000, XP and Windows Server 2003, but the vulnerability remains unpatched on Windows 98.

Christopher Budd, Microsoft Response Center security program manager, said the upgrades to Explorer's architecture since Windows 2000 has left 98 behind and applying fundamental changes could jeopardise program compatibility.

"Due to these fundamental differences, these changes would require re-engineering a significant amount of a critical core component of the operating system," Budd said.

"After such a re-engineering effort, there would be no assurance that applications designed to run on these platforms would continue to operate on the updated system."

"After extensive investigation, Microsoft has found that it is not feasible to make the extensive changes necessary... to eliminate the vulnerability," it states.


IDG UK Sites

Sony Xperia Z3 Compact review: A better deal than the Z3 and most smartphones

IDG UK Sites

Why people aren't upgrading to iOS 8: new features are for power users, not the average Joe

IDG UK Sites

Framestore recreates ancient China for Mr Bean's martial arts misadventure

IDG UK Sites

iPad Air 2 review: Insanely fast and alarmingly thin. Speed tests, camera tests and more