Ambassador Posted November 20, 2006 Share Posted November 20, 2006 It's giving me the "Insufficient memory" thing again! Link to comment Share on other sites More sharing options...
MDGx Posted November 20, 2006 Author Share Posted November 20, 2006 It's giving me the "Insufficient memory" thing again!This issue is not related to U891711 as far as I can tell.You may want to look into other system settings or installed programs/updates.HTH Link to comment Share on other sites More sharing options...
ale5000 Posted December 14, 2006 Share Posted December 14, 2006 This patch works on Italian version of Win ME? Link to comment Share on other sites More sharing options...
Max_04 Posted December 14, 2006 Share Posted December 14, 2006 This patch works on Italian version of Win ME?Yeah! Link to comment Share on other sites More sharing options...
erpdude8 Posted December 15, 2006 Share Posted December 15, 2006 (edited) This patch works on Italian version of Win ME?Yeah!really? are u sure? how about the Italian edition of Win98 SE?the latest U891711 patch does not cause "insufficient memory" errors as I've tested on many Win98 & WinME machines. the problem seems to lie with one or some of third party apps/drivers. this is more likely to happen when a lot of programs are loaded at Startup.do a Scandisk from pure DOS mode to fix disk errors.then when reloading Windows, run Registry Editor [REGEDIT.EXE], check the contents of the following registry keys: "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" and"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices"If there are too many entries in any of the three registry keys, start deleting some of them (or use MSCONFIG and on the Startup tab, uncheck the entries that are non-essential). Edited December 15, 2006 by erpdude8 Link to comment Share on other sites More sharing options...
MDGx Posted April 5, 2007 Author Share Posted April 5, 2007 The Anonymous author of unofficial U891711, KERNEL32.DLL, SHELL32.DLL, GDI32.DLL + GDI.EXE patches sent me this message regarding the newly discovered [?] Windows XP/2003/Vista + MS IE 5/6/7 .ANI [animated] cursor security vulnerability accessed through the GDI engine.M$ *knew* about it and *ignored* it since December 2006 [!].But only on April 3 2007 M$ issued patches for Windows XP, 2003 + Vista, 32 + 64 bit [if any1 interested]:http://www.microsoft.com/technet/security/...n/ms07-017.mspxGuess what... Windows 98 (FE), 98 SP1, 98 SE + ME are already protected [sic! ] if you install unofficial U891711 fix:U891711: Unofficial Windows 98/98 SP1/98 SE/ME Q891711.DLL 4.10.2223 + KB891711.EXE 4.10.2227 Fix [119 KB]:http://www.mdgx.com/files/U891711.EXERead U891711.TXT FIRST:http://www.mdgx.com/files/U891711.TXTU891711 MSFN forum:http://www.msfn.org/board/?showtopic=58780AFAICT, the unofficial KB891711.EXE (4.10.2227) already protects againstthe newly discovered animated cursor vulnerability (Win2k, WinXP, Vista).I hope this helps.HTH Link to comment Share on other sites More sharing options...
Rick Chauvin Posted April 6, 2007 Share Posted April 6, 2007 That's really great, thank you for U891711.exe ....which I'm haappy to say I already had installed it previously ~~~~~~~~~~~~~~~~~~~I hope Anonymous still is considering releasing Shell32.dll v4.72.3812.640, please Link to comment Share on other sites More sharing options...
BenoitRen Posted April 6, 2007 Share Posted April 6, 2007 How about an actual patch of user32.dll, instead of this work-around? Link to comment Share on other sites More sharing options...
Ninho Posted April 10, 2007 Share Posted April 10, 2007 (edited) Note : The unofficial fix also works in Windows 95 ! Cf. :http://www.msfn.org/board/index.php?showto...st&p=643507-- Ninho Edited April 10, 2007 by Ninho Link to comment Share on other sites More sharing options...
MDGx Posted April 11, 2007 Author Share Posted April 11, 2007 How about an actual patch of user32.dll, instead of this work-around?BenoitRen:Anonymous author replies to your question:KB891711 + U891711 (official & unoffical) are not work-arounds 'BenoitRen', but the even better news is: It would have been too time-consuming to search for the code segment in USER.EXE where .ANI files are parsed (not where USER.LoadImage is), but I just happened to come across it the other day, so there will be a Win98SE USER.EXE/USER32.DLL patch (4.10.2234) in due course. A Win98FE patch is far beyond what I can manage to do, even a WinME patch is highly, highly unlikely I am afraid.HTH__________________________________That's really great, thank you for U891711.exe ....which I'm haappy to say I already had installed it previouslyI hope Anonymous still is considering releasing Shell32.dll v4.72.3812.640, pleasePlease see the answer to your request here:http://www.msfn.org/board/?s=&showtopi...st&p=643804HTH Link to comment Share on other sites More sharing options...
BenoitRen Posted April 11, 2007 Share Posted April 11, 2007 If he found it in Win98 SE's user.exe, it wouldn't be too hard to find in the other versions, no? After all, they're all built on their previous versions instead of rewritten code. I'd like to help looking, but I don't know what to look for, or even how to do it. Link to comment Share on other sites More sharing options...
Max_04 Posted April 11, 2007 Share Posted April 11, 2007 If he found it in Win98 SE's user.exe, it wouldn't be too hard to find in the other versions, no? After all, they're all built on their previous versions instead of rewritten code. I'd like to help looking, but I don't know what to look for, or even how to do it.In Italy we say:"Don't spit in the plate where you have been eating".The plate where you have been eating is this section of MSFN.Here everybody (anonymous author included) give their contribute, without to force someone to do something.It's my thought. Link to comment Share on other sites More sharing options...
BenoitRen Posted April 11, 2007 Share Posted April 11, 2007 (edited) Note that I am offering my help.Also, being a Windows 95 user, I'm barely fed here. Edited April 11, 2007 by BenoitRen Link to comment Share on other sites More sharing options...
Max_04 Posted April 11, 2007 Share Posted April 11, 2007 (edited) Note that I am offering my help.Also, being a Windows 95 user, I'm barely fed here.Right, but without to annoy people, as you've done before. Edited April 11, 2007 by Max_04 Link to comment Share on other sites More sharing options...
MDGx Posted April 12, 2007 Author Share Posted April 12, 2007 galahs + Ninho:Anonymous author replies to your questions:'galahs' wrote on Apr 7 2007, 08:50 PM:> So what is the advantage of using the unofficial Q891711 patch over> Zerts?There are 2 advantages:(1) AFAICT, the latest ZERT patch does not address the previousvulnerabilities as described in KB891711. It only addresses the mostrecent vulnerability, that is, it only checks for the correct length ofany 'anih' chunk.(2) As 'Ninho' pointed out correctly, "... it is USER.EXE which needs apatch. USER32 is just a small stub, all the meat is in the 16 bit USER."Only KB891711.EXE patches USER.EXE.As an additional note:> (Ninho) "... on Windows 9x in no case can a "sploit" of this kind cause> instructions, contained as data in the malicious file, to be handed> control and executed..."I would revise this statement: It is virtually impossible (not in nocase) to craft a file that leads to arbitrary code execution under thesegmented memory model. In addition, if the .ANI file was actually parsedin USER32.DLL the exploit would work under Win9x as it does under Win2k,WinXP, etc. This is important to remember as, for example, part of an .EMFfile is not parsed in GDI.EXE, but, similar to WinNT, Win2K, WInXP, etc.,in GDI32.DLL.HTH Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now