Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions.

[bfiero () MENTALFLOSS NET (Bob Fiero)]

At 09:12 PM 4/21/2000 -0500, you wrote:
> Your having stripped Internet Explorer and/or dropping in Win95
> explore.exe might well be what has caused ths to not function on your end.

Zoa_Chien sent me an example for exploiting this with Eudora, it was very
effective in making my e-mail unaccessible. He also was kind enough to
mention in the e-mail how to make Eudora usable again, but if it wasn't for
me poking around files within Eudora with Edit, I never would have found it. :)

> Course, my interest is in what you did to strip out Internet Explorer, it
> was my understanding that doing so broked much of the OS....

Contrary to popular belief, Windows 98 without IE fixes much of the OS.
Most noted is the unending slew of bugs and vulnerabilities that IE and
Outlook bring to the OS. I most enjoy the large performance increase. I use
a utility called 98Lite that can be found at http://www.98lite.net and have
systems that outperform and are more secure than any Win98 systems setup as
Microsoft would have you believe they need to be. I never have allowed IE
to ever touch my hard disks, and would still be using Win95 (and
Netware/Linux for my servers) if it wasn't for this great utility.

This configuration alone, in my opinion, is more than enough proof to me
that MS is guilty of harming consumers for the sole purpose of business
gain. Each and every person who has tried this configuration has come to
realize the harm integrating IE has done to consumers, and would never
consider allowing IE to "muck up" his or her system again.