Microsoft Plus 98 Exposed Passwords in Compressed Files Vulnerability Patch

Plus 98, an optional package that extends Windows 98 and Windows 98 Second Edition, introduced a data-compression feature called Compressed Folders that was also included in Windows Me. For interoperability with leading third-party compression tools, it provides a password protection option for folders that have been compressed. However, due to a flaw in the package s implementation, the passwords used to protect the folders are recorded in a file on the user s system. If an attacker gained access to an affected machine on which password-protected folders were stored, she could learn the passwords and access the files.The patch will prevent passwords from being written to the user s system in the future. After applying the patch, it is important to also delete c:windowsdynazip.log to ensure that all previously recorded passwords are deleted.
File Size205.16 kB
VersionMS01-019 (3/28/01)
Operating System Windows Windows 98
System RequirementsWindows 98, Microsoft Plus 98


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All