SANS: Status of Windows 98, Windows ME and WMF?

Is there risk?

Win9x has the flawed gdi32.dll library. In the initial advisory, which is no longer online, Microsoft listed that win9x in the company of all of the other vulnerable operating systems.

However, win9x is slightly different from the more recent Windows versions in the way it works. These differences are enough to prevent the current and publicly known exploits from working. It does seem that Microsoft is confident that these differences are substantial enough to keep win9x tailored WMF exploits from becoming available.

So to answer the question above, yes there is a risk. Win9x is most likely vulnerable but there is no clear and present threat (yet!). SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System

Linked by shanmuga Sunday, 8th January 2006 9:19PM