Windows Security Problem – 4219 days old

[Alakazam]

Directy From Microsoft:

Summary
Who should read this bulletin: Customers using Microsoft® Windows® ME or XP, or who have installed the Windows XP Internet Connection Sharing client on Windows 98 or 98SE.

Impact of vulnerability: Denial of service

Maximum Severity Rating: Low

Recommendation: Windows XP customers should apply the Critical Update listed below in Patch Availability, as it contains fixes for a number of issues, including this one. Customers using Windows 98, 98SE or ME should apply the patch if the Universal Plug and Play service is installed and running.

Affected Software:

Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows ME Microsoft Windows XP

Note: Windows 98 and 98SE are only affected if the Internet Connection Sharing that ships with Windows XP has been installed on the machine.

Get the patch here!

[TheHeretic]

Ok this just boggles the mind. This is a problem with a product that has been around for at least 4 years now (98 and 98SE)

The fact that it affects 98 AND XP tells me that someone merely imported old lines of code. or based the new code on the old faulty stuff.

Things that make you go hmmmmmmmmmmmmmmmm!!!


TheHeretic

[Mad dog]

Actually code reuse is the way everyone is trying to push all of programming these days. OO or object orientation and COM are all about encouroging code reuse. Alot of 2k code is simpy reused 9x and NT code. Otherwise, it would take years to proagram something as big as as windows 2000 or XP.

One of the problems with this of course is that reused code can be bad, and modifiyng this code goes against the idea of code reuse. Eventually this code will phase out when it becomes redundant, but it takes a long ass time.

Things are really bad in MS since the ideas of Software engineerng methods clash with the marketing departments deadlines.