winxpi Posted July 22, 2006 Share Posted July 22, 2006 (edited) Is it possible to use the Windows 2000 files from the ms06-015patch to fix the flaw in win98 because this could also patch the 2 GB file copy limit (KB318293) .So even if it's not possible is there a way to create an unofficial ms06-015 patch for win98/me ,anyway?Is someone maybe working on this?I believe it could at least function to replace the Windows ME shell32.dll with the 2K one,has somebody tried it,yet? Edited July 22, 2006 by winxpi Link to comment Share on other sites More sharing options...
Tihiy Posted July 22, 2006 Share Posted July 22, 2006 Well, i've explored this, and found that it is not possible to use 2000' shell32.dll, but it is possible to make a patch for 98 and Me using same algorithms [unlike what M$ tells].I could probably do it but i lack motivation. Link to comment Share on other sites More sharing options...
winxpi Posted July 22, 2006 Author Share Posted July 22, 2006 (edited) Well, i've explored this, and found that it is not possible to use 2000' shell32.dll, but it is possible to make a patch for 98 and Me using same algorithms [unlike what M$ tells].I could probably do it but i lack motivation.Maybe with some $$ M$ will tell us the algorithm. This is because during the development of Windows 2000, we made significant enhancements to the underlying architecture of Windows Explorer.Due to these fundamental differences, these changes would require reengineering a significant amount of a critical core component of the operating system.Before they never cared about possible new issues that could result by installing a patch.M$ was just to lazy to make a fix in my opinion(maybe they thought they would have to make a second patch for Windows 98/ME too like for 2000/XP).One more thing... Windows ME and 2000 don't they have a similar architecture of Windows Explorer?*Motivation* >>TihiyPlease all motivate Tihiy! Edited July 22, 2006 by winxpi Link to comment Share on other sites More sharing options...
the_guy Posted July 22, 2006 Share Posted July 22, 2006 I think it would be a great idea. 1 quick suggestion though Tihiy. Could you also use the fixes from MS04-024, MS04-037, MS05-008, MS05-016 (ignore shlwapi.dll and sp3res.dll in the 2000 fix) and MS05-024 in the patch you make? It's just so that 98/ME will not be vulnerable to those flaws as well. That is just a suggestion as 98/ME are vulnerable to those flaws as well.This is most likely impossible to do. If not, I think it would be an excellent thing to do for the users of 98/ME.the_guy Link to comment Share on other sites More sharing options...
Tihiy Posted July 22, 2006 Share Posted July 22, 2006 Well, i've quickly explored other vulnerabilities and can say:MS04-024 - probably can be fixed, but it is controversal;MS04-037 - can be fixed simply;MS05-008 - not sure if it can be fixed but it is better to not use IE;MS05-016 - not sure if it can be fixed but it is better to not use msHTA;MS05-024 - can be fixed for ME by using 2000 patch. Link to comment Share on other sites More sharing options...
the_guy Posted July 22, 2006 Share Posted July 22, 2006 Ok. Does it matter that the 2000 version of webvw.dll lower than the version for ME?the_guy Link to comment Share on other sites More sharing options...
winxpi Posted July 22, 2006 Author Share Posted July 22, 2006 (edited) Ok. Does it matter that the 2000 version of webvw.dll lower than the version for ME?the_guyMaybe you get an error message ,but what you can do to avoid this is changing the version to a higher one with "Resource Hacker" for example. Edited July 22, 2006 by winxpi Link to comment Share on other sites More sharing options...
Acheron Posted July 22, 2006 Share Posted July 22, 2006 (edited) I hope these fixes can get patched properly on Windows 98. Especially the Shell32.dll and Explorer.exe patches are important. One is even listed as critical!On Secunia.com is a nice overview of current vulnerabilities in all Windows OS's.Here's current graph with Secunia advisories for Windows 98 and for Windows XP:Windows 98SE:Windows XP Professional:As you can see most vulnerabilities for Windows 98SE were issued in 2005. Edited July 27, 2006 by hp38guser Link to comment Share on other sites More sharing options...
LLXX Posted July 22, 2006 Share Posted July 22, 2006 Is it possible to use the Windows 2000 files from the ms06-015patch to fix the flaw in win98 because this could also patch the 2 GB file copy limit (KB318293)I don't think ms06-015 is that "critical", but I'm considering fixing the 2GB limit as my next project (currently Enable48BitLBA hasn't finalised yet) Link to comment Share on other sites More sharing options...
erpdude8 Posted July 24, 2006 Share Posted July 24, 2006 (edited) well it is too bad after MS02-014 shell32.dll fix for Win98/NT4 was released, TweakUI can no longer change the shortcut arrows on shortcut icons. That should no longer be a big issue as I can use Resource Hacker to either remove the shortcut arrows or even change the shortcut arrows to light arrows on the Q313829 shell32.dll file for Win98/NT4.nice graph charts, hp38guser.Well, i've quickly explored other vulnerabilities and can say:MS04-024 - probably can be fixed, but it is controversal;MS04-037 - can be fixed simply;MS05-008 - not sure if it can be fixed but it is better to not use IE;MS05-016 - not sure if it can be fixed but it is better to not use msHTA;MS05-024 - can be fixed for ME by using 2000 patch.MS05-008 & MS05-016 vulnerabilities for Win98/ME can NOT be fixed. For MS05-024 the vulnerability might also be fixed for Win98 SE since Win98se originally has webvw.dll version 5.00.0312.0.BTW - MS05-049 shell vulnerabilities can NOT be patched for Win98/ME because they're unaffected [duh!] Edited July 26, 2006 by erpdude8 Link to comment Share on other sites More sharing options...
erpdude8 Posted July 24, 2006 Share Posted July 24, 2006 (edited) Ok. Does it matter that the 2000 version of webvw.dll lower than the version for ME?the_guyMaybe you get an error message ,but what you can do to avoid this is changing the version to a higher one with "Resource Hacker" for example.winxpi has got a point. You may want to change the webvw.dll file version number from 5.00.3900.7036 to 5.50.4134.7036. I've just tested it on my WinME computer in my bedroom and things seem to be working okay. try using that file under Win98se to see if it'll work there. Edited July 24, 2006 by erpdude8 Link to comment Share on other sites More sharing options...
Tihiy Posted July 24, 2006 Share Posted July 24, 2006 winxpi has got a point. You may want to change the webvw.dll file version number from 5.00.3900.7036 to 5.50.4134.7036. I've just tested it on my WinME computer in my bedroom and things seem to be working okay. try using that file under Win98se to see if it'll work there.It won't work under clean 98 because of some dependancies, however it may work with Kernel Update.So do you guys want me to try fixing MS06-15 for WinME? Link to comment Share on other sites More sharing options...
the_guy Posted July 24, 2006 Share Posted July 24, 2006 Ya. That way it will be more secure.Also, if you patch MS04-024/MS04-037, that would be appreciated. The version of grpconv.exe included in the 2000 update also works on a 98SE system.the_guy Link to comment Share on other sites More sharing options...
erpdude8 Posted July 24, 2006 Share Posted July 24, 2006 (edited) Also, if you patch MS04-024/MS04-037, that would be appreciated. The version of grpconv.exe included in the 2000 update also works on a 98SE system.the_guyNOT TRUE! Grpconv.exe from Win2k MS04-037 update CRASHES on Win98/ME systems as I've tested for myself. Edited July 24, 2006 by erpdude8 Link to comment Share on other sites More sharing options...
the_guy Posted July 24, 2006 Share Posted July 24, 2006 Ok. I just tested dependencies. There ya have it. Will the NT4 version work though?the_guy Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now