Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Legacy Credential Caching Vulnerability
A security vulnerability exists in Microsoft® Windows® 95 and 98 caused by a legacy mechanism for caching network security credentials which, if exploited, could allow a user's plaintext network password to be retrieved from the cache.
Issue
Windows for Workgroups provided a RAM-based caching mechanism that cached the user's plaintext network credentials for use by real-mode command-line networking utilities. Part of this mechanism was carried forward into the Windows 95 and 98 designs, even though it is not used by either. A malicious user could query this mechanism to obtain the network credentials of the last person to use the machine for network access, as long as they had physical access to the machine and it had not been rebooted since the last networking session.
Affected Products
- Windows 95 and 98
Solution
Patchs are available from the following locations:
- Windows 95:
http://download.microsoft.com/download/win95/update/
168115/w95/en-us/168115us5.exe - Windows 98:
http://download.microsoft.com/download/win98/update/
168115/w98/en-us/168115us8.exe
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: November 29, 1999
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
