Microsoft has acknowledged that there is a bug in copies of Windows 95 and 98 that could enable a malicious person to control your system via an email message.
The company has hastily released a patch for the bug, which could enable an attacker to hide code in an email message or Web page to modify files, reformat the hard drive or execute DOS commands. It was discovered by a team of US scientists.
The software giant has issued a patch which it said eliminates the security vulnerability in Microsoft's Java virtual machine (VM).
“The vulnerability could allow a Java applet to take virtually any action on the computer of a Web site visitor,” it admitted in a security statement.
Microsoft VM is a virtual machine for the Win32 operating environment. It runs on top of Microsoft Windows 95, Windows 98 and Windows NT. It ships as part of each operating system and also as part of MS Internet Explorer.
Microsoft confirmed that the Microsoft VM that ships with Internet Explorer 4.0 and Internet Explorer 5.0 contains the security hole that could allow a Java applet to operate outside the bounds of the “sandbox”, which normally restricts applet actions and allows them to take control of the computer.
Microsoft said that MS VM ships as part of a number of Microsoft products, including Visual Studio. By far the most prevalent products with it are Internet Explorer 4.0 and 5.0. Microsoft recommends that anyone using either of these versions should apply the patch, which is downloadable from its Web site.
Windows users who have not downloaded the patch and have not disabled Java will be vulnerable to anyone who knows the technical details of the security hole, maintain bug watchers.
14nm Cavium ThunderX2 CPUs deployed in HPE Apollo 70 supercomputer for US National Nuclear Security Administration
MWR's Countercept platform and phishd technologies key to F-Secure acquisition
Brexit labour shortages will lead to higher adoption of robotics
Newbies will be thrown in with the big boys on Sanhok as Kar98 fodder