Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch (3/28/01)Use this to patch a security vulnerability that could reveal the password to compressed files. | |
Download |
Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch (3/28/01) Ranking & Summary
Advertisement
- License:
- Free
- Publisher Name:
- Microsoft
- Publisher web site:
- http://www.microsoft.com/
- Operating Systems:
- Windows 98
- File Size:
- 205.16K
Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch (3/28/01) Tags
Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch (3/28/01) Description
Plus 98, an optional package that extends Windows 98 and Windows 98 Second Edition, introduced a data-compression feature called Compressed Folders that was also included in Windows Me. For interoperability with leading third-party compression tools, it provides a password protection option for folders that have been compressed. However, due to a flaw in the package s implementation, the passwords used to protect the folders are recorded in a file on the user s system. If an attacker gained access to an affected machine on which password-protected folders were stored, she could learn the passwords and access the files.The patch will prevent passwords from being written to the user s system in the future. After applying the patch, it is important to also delete c:windowsdynazip.log to ensure that all previously recorded passwords are deleted.
Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch (3/28/01) Related Software