Windows 95 turns 22 - still lurks inside Pentagon's critical systems
On August 24, 1995, Microsoft was releasing the highly acclaimed Windows 95 operating system (codename Chicago). It was the first 32-bit OS for home users, and it required at least an Intel 80386 CPU. This was probably the most important moment for the Redmond company, selling 40 million copies in the first year alone. Even though technology has evolved and Microsoft released 7 more operating systems in the meantime, it looks like Windows 95 is still hiding inside a bunch of systems across the world.
According to Dutch security researcher Victor Gevers, there still are seven computers connected to the internet and running Windows 95, all of them located in Taiwan. Mathew Hughes from TNW also informs that one of these computers is running an SMB file server and has already been compromised with DoublePulsar - the NSA-built hacking tool that was leaked and disseminated by The Shadow Brokers earlier this year. That makes sense, since Microsoft stopped releasing updates for Windows 95 in December 2001. Gevers further states that there could be many more Windows 95 PCs out there, behind firewalls, either as legacy or redundant systems, or simply as appliances. The computers are most likely not even connected to the Internet.
The most interesting bit of information comes from Daryl Haegley, program manager for the US Office of the Assistant Secretary of Defense for Energy, Installations and Environment. He claims that many of the critical computers inside the Pentagon are currently powered by unsupported Windows versions, including not only Windows XP (which is no longer getting updates since April 2014) but also releases that are more than 20 years old. This seems very surprising coming from an institution with a US$601 billion budget for 2015. “A lot of these systems are still Windows 95 or 98, and that’s OK—if they’re not connected to the internet,” Haegley concluded.
In other news, The United States Department of Defense should finalize the migration of all the Pentagon systems to Windows 10 this fall. Looks like the Pentagon administration found out about the CIA’s Vault 7 surveillance program and is doing everything they can to protect whatever was left un-hacked.