Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch for Windows

Name: Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch
Rating: 1 (1 reviews)
Author: Microsoft

Download now

Used Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch for Windows? Share your experience and help other users.

Clicking on the Download Now (Visit Site) button above will open a connection to a third-party site. Download.com cannot completely ensure the security of the software hosted on third-party sites.

Developer’s Description

By Microsoft

Use this to patch a security vulnerability that could reveal the password to compressed files.

Plus 98, an optional package that extends Windows 98 and Windows 98 Second Edition, introduced a data-compression feature called Compressed Folders that was also included in Windows Me. For interoperability with leading third-party compression tools, it provides a password protection option for folders that have been compressed. However, due to a flaw in the package s implementation, the passwords used to protect the folders are recorded in a file on the user s system. If an attacker gained access to an affected machine on which password-protected folders were stored, she could learn the passwords and access the files.

The patch will prevent passwords from being written to the user s system in the future. After applying the patch, it is important to also delete c:windowsdynazip.log to ensure that all previously recorded passwords are deleted.