Windows Me Exposed Passwords in Compressed Files Vulnerability Patch

Name: Windows Me Exposed Passwords in Compressed Files Vulnerability Patch
Rating: 2.8 (4 reviews)
Author: Microsoft

Download now

Used Windows Me Exposed Passwords in Compressed Files Vulnerability Patch for Windows?

Developer’s Description

By Microsoft

Patch a security vulnerability in Windows Me allowing data-compression passwords to be recovered.

Windows Me contains a data-compression feature called Compressed Folders. For interoperability with leading third-party compression tools, it provides a password-protection option for folders that have been compressed. However, due to a flaw in the package's implementation, the passwords used to protect the folders are recorded in a file on the user's system. If an attacker gained access to an affected machine on which password-protected folders were stored, she could learn the passwords and access the files.

The patch will prevent passwords from being written to the user's system in the future. However, as discussed in the FAQ, after applying the patch, it is important to also delete c:windowsdynazip.log to ensure that all previously-recorded passwords are deleted.