Critical Updates Package. This package protects your Windows 98/98 SE computer from a variety of security vulnerabilities with patches that have been previously released only as separate downloads. The Critical Updates package will appear on the Windows 98 Update site whenever a new security patch or similar update becomes available. The packages are also cumulative, so any older patches that you haven't downloaded yet will be included with the download for the newer security patches.
The current update package was last updated on August 25, 2000 with the latest update for the Microsoft virtual machine (Microsoft VM Build 3309), which resolves the "Java VM Applet" security vulnerability. Previous Critical Update releases included a security update on June 2, 2000 that resolved the "SSL Certificate Validation" security vulnerabilities in Internet Explorer 4/5 and another on May 19, 2000 for the "IP Fragment Reassembly" vulnerability in Windows 98/98 SE. Release Date: 8/25/00Upgrade Meter:4
Windows Security Update. The latest Windows Security Update eliminates the "DOS Device in Path Name" vulnerability in Windows 98 and Windows 98 Second Edition, the patch for which was previously available as a separate download. Installing this update will prevent a malicious user from causing your computer to crash by accessing a file or folder whose path contains certain reserved words. Release Date: 3/17/00Upgrade Meter:2
SGC High Encryption Critical Update. Without this update some computers are unable to connect to Web servers that use Server Gated Cryptography (SGC) for strong encryption. Installing this update will eliminate these connection failures. This update is eligible for export worldwide from the U.S., except to U.S. embargoed destinations. Release Date: 3/3/00Upgrade Meter:4
Internet Explorer Security Update. The latest security update for IE eliminates the "Image Source Redirect" vulnerability found in Internet Explorer. Without this update, a malicious Web site operator could read (but not add, change, or delete) certain types of files on your computer. All versions of IE 4 and 5 are susceptible to this vulnerability. Release Date: 2/9/00Upgrade Meter:2
Windows Security Update. This Windows Security Update eliminates the "Malformed RTF Control Word" vulnerability in Windows 98, the patch for which was previously available as a separate download. Installing this update will prevent a malicious user from sending a specially malformed e-mail and crashing your e-mail reader. Release Date: 1/17/00Upgrade Meter:2
Schannel.DLL Update. Internet Explorer 5.01 contains an incorrect internal key in the Schannel.DLL file that could cause programs and services on your computer that use Secure Socket Layer (SSL) or Security Support Provider Interface (SSPI) to no longer function. This update replaces the problematic file with a corrected Schannel.DLL file. Release Date: 1/11/00Upgrade Meter:2
