Windows 98 & 98SE Security Patch: Invalid Universal Plug and Play Request can Disrupt System Operation.
Microsoft has released a patch that will eliminate a possible Vulnerability that may result because the UPnP service does not correctly handle certain types of invalid UPnP requests. On Windows 98, 98SE, and ME systems, receiving such a request could cause a variety of effects ranging from slow performance to system failure. Download now to prevent a possible system failure.
Customers using Microsoft® Windows® ME or XP, or who have installed the Windows XP Internet Connection Sharing client on Windows 98 or 98SE.
Impact of vulnerability: Denial of service
Maximum Severity Rating: Low
Recommendation: Windows XP customers should apply the Critical Update listed below in Patch Availability, as it contains fixes for a number of issues, including this one. Customers using Windows 98, 98SE or ME should apply the patch if the Universal Plug and Play service is installed and running.
Affected Software:
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows ME
Microsoft Windows XP
Note: Windows 98 and 98SE are only affected if the Internet Connection Sharing that ships with Windows XP has been installed on the machine.
Download locations for this patch
Microsoft 98 and 98SE
Microsoft ME
Microsoft XP This issue is eliminated via the update titled "Windows XP Update Package, October 25, 2001"
Microsoft has released a patch that will eliminate a possible Vulnerability that may result because the UPnP service does not correctly handle certain types of invalid UPnP requests. On Windows 98, 98SE, and ME systems, receiving such a request could cause a variety of effects ranging from slow performance to system failure. Download now to prevent a possible system failure.
Customers using Microsoft® Windows® ME or XP, or who have installed the Windows XP Internet Connection Sharing client on Windows 98 or 98SE.
Impact of vulnerability: Denial of service
Maximum Severity Rating: Low
Recommendation: Windows XP customers should apply the Critical Update listed below in Patch Availability, as it contains fixes for a number of issues, including this one. Customers using Windows 98, 98SE or ME should apply the patch if the Universal Plug and Play service is installed and running.
Affected Software:
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows ME
Microsoft Windows XP
Note: Windows 98 and 98SE are only affected if the Internet Connection Sharing that ships with Windows XP has been installed on the machine.
Download locations for this patch
Microsoft 98 and 98SE
Microsoft ME
Microsoft XP This issue is eliminated via the update titled "Windows XP Update Package, October 25, 2001"
