De-supported Operating Systems and Security Risks

Subject Author Date
De-supported Operating Systems and Security Risks Jim Norton 01-12-2006
Posted by Jim Norton on January 12, 2006, 10:58 am
Hi all,

When Microsoft de-supports an operating system, like Windows 98, does
Microsoft continue to release critical security patches in any way? If not,
I would assume there are security risks in running desupported operating
systems (If a security vulnerability is found, it will not be fixed.).

Can someone provide any insight into this. A document from Microsoft would
be ideal.

Thanks in advance



Posted by Shenan Stanley on January 12, 2006, 11:21 am
Jim Norton wrote:
> When Microsoft de-supports an operating system, like Windows 98,
> does Microsoft continue to release critical security patches in any
> way? If not, I would assume there are security risks in running
> desupported operating systems (If a security vulnerability is
> found, it will not be fixed.).
> Can someone provide any insight into this. A document from
> Microsoft would be ideal.

"Unsupported" operating systems.

Your answer could have been found on the Microsoft Web Pages..

http://support.microsoft.com/lifecycle/?p1=6513

That refers to Windows 98 in particular.. And states (in case you have
trouble getting to the page):

Paid incident support is now available through June 30, 2006. Extended
hotfix support for Windows 98 and Windows 98 Second Edition ended on June
30, 2003. Extended hotfix support for Windows Millennium Edition ended on
December 31, 2003. Online self-help support will continue to be available
until at least June 30, 2007. For more information about the type and length
of support provided, review the Windows 98, Windows 98 Second Edition, and
Windows Millennium Edition Support Extended Announcement Web site. Critical
security updates will be provided on the Windows Update site through June
30, 2006. Microsoft will not publicly release non-critical security hotfixes
for Windows 98, Windows 98 Second Edition, or Windows Millennium Edition.
However, customers may request a non-critical security hotfix through
On-Demand Security Hotfix support. This support is offered for these
products through June 30, 2006. When a request is received, Microsoft will
investigate the issue and try to provide an appropriate response to the
customer.

So, I would say that if you are still running Windows 98 by June 30th of
this year.. Stop.

Although - I cannot see trusting an OS for that long - especially one
already so natively insecure as Windows 9x.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html



Posted by Malke on January 12, 2006, 12:10 pm
Jim Norton wrote:

> Hi all,
>
> When Microsoft de-supports an operating system, like Windows 98, does
> Microsoft continue to release critical security patches in any way?
> If not, I would assume there are security risks in running desupported
> operating systems (If a security vulnerability is found, it will not
> be fixed.).
>
> Can someone provide any insight into this. A document from Microsoft
> would be ideal.
>

An unsupported operating system no longer has security patches written
for it. You assume correctly that there are therefore risks in running
obsolete operating systems.

http://support.microsoft.com/lifecycle/?LN=en-us&x=5&y=6
http://www.microsoft.com/windows/lifecycle/default.mspx

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

Posted by Jesper [MSFT] on January 12, 2006, 12:32 pm
There are many different support levels. During extended support security
updates are provided. Once extended support ends you only get updates under
a custom support agreement, which is available for a fee. There is more
information on the product lifecycles at
http://support.microsoft.com/default.aspx?scid=fh;[ln];lifecycle.

So, to answer your question, yes, there is a significant risk in running
unsupported products. Not only do you not get the benefits of what the world
has learned about security in the past 7-10 years, but you also do not get
updates for issues that may affect your product.

Jesper

--

Please do not send e-mail directly to this e-mail address. This address is
for newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


> Hi all,
>
> When Microsoft de-supports an operating system, like Windows 98, does
> Microsoft continue to release critical security patches in any way? If
> not, I would assume there are security risks in running desupported
> operating systems (If a security vulnerability is found, it will not be
> fixed.).
>
> Can someone provide any insight into this. A document from Microsoft
> would be ideal.
>
> Thanks in advance
>



Posted by karl levinson, mvp on January 13, 2006, 7:51 am

> Hi all,
>
> When Microsoft de-supports an operating system, like Windows 98, does
> Microsoft continue to release critical security patches in any way? If
> not, I would assume there are security risks in running desupported
> operating systems (If a security vulnerability is found, it will not be
> fixed.).

Windows 98 and Me are very unique in that MS committed to continuing to
release patches ONLY for vulnerabilities deemed critical in those OSes, and
then only to release the patches via the Windows Update web site, and those
98/Me patches are not guaranteed to be released right away with the other
patches.

Microsoft does not plan to do this for other OSes.

There has been some misinformation floating around regarding support for XP.
www.incidents.org incorrectly reported that MS was retiring support for XP
Pro, which is not true. MS was going to retire support for XP Home, media
center, etc. at the end of this year but extended / simplified their policy
to commit to patches and support until two years after the release of the
corresponding Windows Vista product. The MS support policy is in a bit of
change right now.


