Overview – Windows NT 4.0 and Windows 98 Threat Mitigation:
http://www.microsoft.com/technet/security/guidance/threatmi.mspx

I could say this in one sentence….. “Threat mitigation for NT and 98 consists of killing them off” and then once we kill them off let’s go after vendors who want local admin rights, shall we?

 

2 Responses to But, wait… they don’t have security in the first place?

  1. We tried the one sentence version, but MS (quite reasonably) pointed out that they have to have *something* to tell their many users who haven’t migrated off those platforms yet. You probably know how many orgs are still running legacy OS machines because they can’t/won’t update their LOB/custom apps, and this is directed pretty squarely at them. This guide will give them the best possible mitigation, but ultimately the best path is for them to upgrade.

    As for going after vendors– I’m all about that! Why don’t you start a Wall of Shame where we can all contribute names of offenders?