Chris H. wrote:
> Incorrect, Jim. Users should wait for the official patch, and not
> risk (1) going to some web site not connected with Microsoft, and (2)
> not installing some "patch" or other software on their machine from
> an unknown source.
> As noted in the security bulletin issued, there are specific
> instances where this violation of a computer can take place, and they
> include being lured to a web site.
>
> Protection of the computer will come with intelligent computer usage,
> including not visiting an unknown site for a "fix" not coming
> directly from Microsoft.
>

If you believe the security bulletin you are have obviously not seen this
exploit in action. Build a test machine, fully update Windows, install your
antivirus and antispyware apps of choice and go to one of the many known
sites that use this exploit. The machine will be infected, no if, ands, or
buts. The people using the exploit are changing it often enough that the
antivirus/spyware/malware apps can't keep up. I have tried it. have you? It
was scary. I immediately ran the unofficial patch on my own machines. By the
way many sites you think may be safe are not, knoppix-std dot org is one
site that was known to be hacked and was distributing malware via this
exploit. To most this would certainly seem to be a safe site. Many on these
newsgroups regularly recommend using knoppix.

Kerry




> "Jim" <reply@groups.please> wrote in message
> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>> Chris,
>>
>> You are acting in an extremely irresponsible manner. This is one
>> of the largest exploits ever to hit the Windows platform (in number
>> of machines affected), and you are telling people to do nothing.
>>
>> The only thing more irresponsible than your post is Microsoft's
>> refusal to take immediate action for such an exploit.
>>
>> Jim
>>
>> "Chris H." <winxpnews@hotmail.com> wrote in message
>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>> Microsoft has not released a patch at this point. Please do not
>>> download or install a patch from any other source.
>>> --
>>> Chris H.
>>> Microsoft Windows MVP/Tablet PC
>>> Tablet Creations - http://nicecreations.us/
>>> Associate Expert
>>> Expert Zone - www.microsoft.com/windowsxp/expertzone

This is a typical response from Chris who only trusts MS's word as gospel.
But rather than linking directly to the EXE you should link to the page
where the user can download it. Direct EXE links are irresponsible to click
as well. Especially considering that they are so easily spoofed.

--
Josh Einstein
Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
www.tabletoutlook.com

"Jim" <reply@groups.please> wrote in message
news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
> Chris,
>
> You are acting in an extremely irresponsible manner. This is one of
> the largest exploits ever to hit the Windows platform (in number of
> machines affected), and you are telling people to do nothing.
>
> The only thing more irresponsible than your post is Microsoft's refusal
> to take immediate action for such an exploit.
>
> Jim
>
> "Chris H." <winxpnews@hotmail.com> wrote in message
> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>> Microsoft has not released a patch at this point. Please do not download
>> or install a patch from any other source.
>> --
>> Chris H.
>> Microsoft Windows MVP/Tablet PC
>> Tablet Creations - http://nicecreations.us/
>> Associate Expert
>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>
>>
>
>

By the way, I got a patch at www.grc.com (another well known Windows
security expert) who links to Ilfak Guilfanov's temporary patch.

--
Josh Einstein
Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
www.tabletoutlook.com

"Josh Einstein" <josheinstein@hotmail.com> wrote in message
news:u8AIybIEGHA.3000@TK2MSFTNGP14.phx.gbl...
> This is a typical response from Chris who only trusts MS's word as gospel.
> But rather than linking directly to the EXE you should link to the page
> where the user can download it. Direct EXE links are irresponsible to
> click as well. Especially considering that they are so easily spoofed.
>
> --
> Josh Einstein
> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
> www.tabletoutlook.com
>
> "Jim" <reply@groups.please> wrote in message
> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>> Chris,
>>
>> You are acting in an extremely irresponsible manner. This is one of
>> the largest exploits ever to hit the Windows platform (in number of
>> machines affected), and you are telling people to do nothing.
>>
>> The only thing more irresponsible than your post is Microsoft's
>> refusal to take immediate action for such an exploit.
>>
>> Jim
>>
>> "Chris H." <winxpnews@hotmail.com> wrote in message
>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>> Microsoft has not released a patch at this point. Please do not
>>> download or install a patch from any other source.
>>> --
>>> Chris H.
>>> Microsoft Windows MVP/Tablet PC
>>> Tablet Creations - http://nicecreations.us/
>>> Associate Expert
>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>>
>>>
>>
>>
>
>

WMF info at
F-Secure...http://www.f-secure.com/weblog/archi....html#00000756...
and ...http://www.f-secure.com/weblog/archi....html#00000762
..

" MS Confirms WMF Flaw, Variants Spread Linked by Thom Holwerda on
2005-12-31 16:55:55 Microsoft acknowledged late Wednesday the existence of a
zero-day exploit for Windows Metafile images, and said it was looking into
ways to better protect its customers. Even worse, by the end of the day
nearly 50 variants of the exploit had already appeared. One security company
said the possibilities were endless on how the flaw could be exploited.
'This vulnerability can be used to install any type of malicious code, not
just Trojans and spyware, but also worms, bots or viruses that can cause
irreparable damage to computers,' said Luis Corrons of Panda Software." -
http://www.osnews.com/story.php?news_id=13136

Antivirus programs are not all detecting the new variants -
http://isc.sans.org/diary.php?storyid=998 .

It's up to you. If you think that your AV program will catch ALL variants
of a new exploit that can allow remote execution of code and remote control
of your personal or company PCs, by all means, float on.

On the other hand, if you cannot afford to take a chance with your personal
or company PCs and data, patch your systems by running
http://handlers.sans.org/tliston/wmffix_hexblog14.exe .

Your life.....your data.....your choice.

Jim



"Chris H." <winxpnews@hotmail.com> wrote in message
news:uingHAIEGHA.2504@TK2MSFTNGP09.phx.gbl...
> Incorrect, Jim. Users should wait for the official patch, and not risk
> (1) going to some web site not connected with Microsoft, and (2) not
> installing some "patch" or other software on their machine from an unknown
> source.
>
> As noted in the security bulletin issued, there are specific instances
> where this violation of a computer can take place, and they include being
> lured to a web site.
>
> Protection of the computer will come with intelligent computer usage,
> including not visiting an unknown site for a "fix" not coming directly
> from Microsoft.
> --
> Chris H.
> Microsoft Windows MVP/Tablet PC
> Tablet Creations - http://nicecreations.us/
> Associate Expert
> Expert Zone - www.microsoft.com/windowsxp/expertzone
>
>
> "Jim" <reply@groups.please> wrote in message
> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>> Chris,
>>
>> You are acting in an extremely irresponsible manner. This is one of
>> the largest exploits ever to hit the Windows platform (in number of
>> machines affected), and you are telling people to do nothing.
>>
>> The only thing more irresponsible than your post is Microsoft's
>> refusal to take immediate action for such an exploit.
>>
>> Jim
>>
>> "Chris H." <winxpnews@hotmail.com> wrote in message
>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>> Microsoft has not released a patch at this point. Please do not
>>> download or install a patch from any other source.
>>> --
>>> Chris H.
>>> Microsoft Windows MVP/Tablet PC
>>> Tablet Creations - http://nicecreations.us/
>>> Associate Expert
>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>>
>>>
>>
>>
>
>

"Josh Einstein" <josheinstein@hotmail.com> wrote in message
news:u8AIybIEGHA.3000@TK2MSFTNGP14.phx.gbl...
> This is a typical response from Chris who only trusts MS's word as gospel.
> But rather than linking directly to the EXE you should link to the page
> where the user can download it. Direct EXE links are irresponsible to
> click as well. Especially considering that they are so easily spoofed.

True enough.

More sites advise use of the unofficial patch.....
http://news.ft.com/cms/s/0d644d5e-7b...0779e2340.html
http://www.f-secure.com/weblog/archi....html#00000756

Always get more than one source to verify the trustworthiness of any
download links......even mine.

Jim


>
> --
> Josh Einstein
> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
> www.tabletoutlook.com
>
> "Jim" <reply@groups.please> wrote in message
> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>> Chris,
>>
>> You are acting in an extremely irresponsible manner. This is one of
>> the largest exploits ever to hit the Windows platform (in number of
>> machines affected), and you are telling people to do nothing.
>>
>> The only thing more irresponsible than your post is Microsoft's
>> refusal to take immediate action for such an exploit.
>>
>> Jim
>>
>> "Chris H." <winxpnews@hotmail.com> wrote in message
>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>> Microsoft has not released a patch at this point. Please do not
>>> download or install a patch from any other source.
>>> --
>>> Chris H.
>>> Microsoft Windows MVP/Tablet PC
>>> Tablet Creations - http://nicecreations.us/
>>> Associate Expert
>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>>
>>>
>>
>>
>
>

Please speak for yourself only, Josh. This is a serious subject, and you
shouldn't be letting your personal opinions about people interfere with
guiding users in the right direction. It is irresponsible for anyone
download and install such an unknown, untested patch. Microsoft's security
bulletin, in part, already issued on the subject:
=====
Microsoft Security Advisory (912840)
Vulnerability in Graphics Rendering Engine Could Allow Remote Code
Execution.
Microsoft is investigating new public reports of a vulnerability in Windows.
Microsoft will continue to investigate the public reports to help provide
additional guidance for customers.
Microsoft is aware of detailed exploit code that could allow an attacker to
execute arbitrary code in the security context of the logged on user when
visiting a Web site, which contains a specially crafted Windows Metafile
(WMF) image. An attacker would have no way to force users to visit a
malicious Web site. Instead, an attacker would have to persuade them to
visit the Web site, typically by getting them to click a link that takes
them to the attacker's Web site.
Customers are encouraged to keep their antivirus software up to date. The
Microsoft Windows AntiSpyware (Beta) can also help protect your system from
spyware and other potentially unwanted software. We will continue to
investigate these public reports.
Upon completion of this investigation, Microsoft will take the appropriate
action to help protect our customers. This will include providing a security
update through our monthly release process or providing an out-of-cycle
security update, depending on customer needs.
Microsoft encourages users to exercise caution when they open e-mail and
links in e-mail from untrusted sources. For more information about Safe
Browsing, visit the Trustworthy Computing Web site.
We continue to encourage customers to follow our Protect Your PC guidance of
enabling a firewall, applying software updates and installing antivirus
software. Customers can learn more about these steps at the Protect Your PC
Web site.
Customers who believe they may have been affected by this issue can contact
Product Support Services. You can contact Product Support Services in the
United States and Canada at no charge using the PC Safety line (1
866-PCSAFETY). Customers outside of the United States and Canada can locate
the number for no-charge virus support by visiting the Microsoft Help and
Support Web site.
Mitigating Factors:
· In a Web-based attack scenario, an attacker would have to host a
Web site that contains a Web page that is used to exploit this
vulnerability. An attacker would have no way to force users to visit a
malicious Web site. Instead, an attacker would have to persuade them to
visit the Web site, typically by getting them to click a link that takes
them to the attacker's Web site.
· An attacker who successfully exploited this vulnerability could
gain the same user rights as the local user. Users whose accounts are
configured to have fewer user rights on the system could be less impacted
than users who operate with administrative user rights.
· By default, Internet Explorer on Windows Server 2003, on Windows
Server 2003 Service Pack 1, on Windows Server 2003 with Service Pack 1 for
Itanium-based Systems, and on Windows Server 2003 x64 Edition runs in a
restricted mode that is known as Enhanced Security Configuration This mode
mitigates this vulnerability where the e-mail vector is concerned although
clicking on a link would still put users at risk. In Windows Server 2003,
Microsoft Outlook Express uses plain text for reading and sending messages
by default. When replying to an e-mail message that is sent in another
format, the response is formatted in plain text. See the FAQ section of this
vulnerability for more information about Internet Explorer Enhanced Security
Configuration.
=====
--
Chris H.
Microsoft Windows MVP/Tablet PC
Tablet Creations - http://nicecreations.us/
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone

"Josh Einstein" <josheinstein@hotmail.com> wrote in message
news:u8AIybIEGHA.3000@TK2MSFTNGP14.phx.gbl...
> This is a typical response from Chris who only trusts MS's word as gospel.
> But rather than linking directly to the EXE you should link to the page
> where the user can download it. Direct EXE links are irresponsible to
> click as well. Especially considering that they are so easily spoofed.
>
> --
> Josh Einstein
> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
> www.tabletoutlook.com
>
> "Jim" <reply@groups.please> wrote in message
> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>> Chris,
>>
>> You are acting in an extremely irresponsible manner. This is one of
>> the largest exploits ever to hit the Windows platform (in number of
>> machines affected), and you are telling people to do nothing.
>>
>> The only thing more irresponsible than your post is Microsoft's
>> refusal to take immediate action for such an exploit.
>>
>> Jim
>>
>> "Chris H." <winxpnews@hotmail.com> wrote in message
>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>> Microsoft has not released a patch at this point. Please do not
>>> download or install a patch from any other source.
>>> --
>>> Chris H.
>>> Microsoft Windows MVP/Tablet PC
>>> Tablet Creations - http://nicecreations.us/
>>> Associate Expert
>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>>
>>>
>>
>>
>
>

I'm just saying people should trust security experts. There *are* people out
there more qualified to give security guidance than you or MS. SANS,
F-secure, and Steve Gibson are 3 such parties.

The patch may be unknown to or untested by you, but not to those security
experts.

--
Josh Einstein
Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
www.tabletoutlook.com

"Chris H." <winxpnews@hotmail.com> wrote in message
news:eNZBS6IEGHA.140@TK2MSFTNGP12.phx.gbl...
> Please speak for yourself only, Josh. This is a serious subject, and you
> shouldn't be letting your personal opinions about people interfere with
> guiding users in the right direction. It is irresponsible for anyone
> download and install such an unknown, untested patch. Microsoft's
> security bulletin, in part, already issued on the subject:
> =====
> Microsoft Security Advisory (912840)
> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
> Execution.
> Microsoft is investigating new public reports of a vulnerability in
> Windows. Microsoft will continue to investigate the public reports to help
> provide additional guidance for customers.
> Microsoft is aware of detailed exploit code that could allow an attacker
> to execute arbitrary code in the security context of the logged on user
> when visiting a Web site, which contains a specially crafted Windows
> Metafile (WMF) image. An attacker would have no way to force users to
> visit a malicious Web site. Instead, an attacker would have to persuade
> them to visit the Web site, typically by getting them to click a link that
> takes them to the attacker's Web site.
> Customers are encouraged to keep their antivirus software up to date. The
> Microsoft Windows AntiSpyware (Beta) can also help protect your system
> from spyware and other potentially unwanted software. We will continue to
> investigate these public reports.
> Upon completion of this investigation, Microsoft will take the appropriate
> action to help protect our customers. This will include providing a
> security update through our monthly release process or providing an
> out-of-cycle security update, depending on customer needs.
> Microsoft encourages users to exercise caution when they open e-mail and
> links in e-mail from untrusted sources. For more information about Safe
> Browsing, visit the Trustworthy Computing Web site.
> We continue to encourage customers to follow our Protect Your PC guidance
> of enabling a firewall, applying software updates and installing antivirus
> software. Customers can learn more about these steps at the Protect Your
> PC Web site.
> Customers who believe they may have been affected by this issue can
> contact Product Support Services. You can contact Product Support Services
> in the United States and Canada at no charge using the PC Safety line (1
> 866-PCSAFETY). Customers outside of the United States and Canada can
> locate the number for no-charge virus support by visiting the Microsoft
> Help and Support Web site.
> Mitigating Factors:
> · In a Web-based attack scenario, an attacker would have to host
> a Web site that contains a Web page that is used to exploit this
> vulnerability. An attacker would have no way to force users to visit a
> malicious Web site. Instead, an attacker would have to persuade them to
> visit the Web site, typically by getting them to click a link that takes
> them to the attacker's Web site.
> · An attacker who successfully exploited this vulnerability could
> gain the same user rights as the local user. Users whose accounts are
> configured to have fewer user rights on the system could be less impacted
> than users who operate with administrative user rights.
> · By default, Internet Explorer on Windows Server 2003, on
> Windows Server 2003 Service Pack 1, on Windows Server 2003 with Service
> Pack 1 for Itanium-based Systems, and on Windows Server 2003 x64 Edition
> runs in a restricted mode that is known as Enhanced Security Configuration
> This mode mitigates this vulnerability where the e-mail vector is
> concerned although clicking on a link would still put users at risk. In
> Windows Server 2003, Microsoft Outlook Express uses plain text for reading
> and sending messages by default. When replying to an e-mail message that
> is sent in another format, the response is formatted in plain text. See
> the FAQ section of this vulnerability for more information about Internet
> Explorer Enhanced Security Configuration.
> =====
> --
> Chris H.
> Microsoft Windows MVP/Tablet PC
> Tablet Creations - http://nicecreations.us/
> Associate Expert
> Expert Zone - www.microsoft.com/windowsxp/expertzone
>
> "Josh Einstein" <josheinstein@hotmail.com> wrote in message
> news:u8AIybIEGHA.3000@TK2MSFTNGP14.phx.gbl...
>> This is a typical response from Chris who only trusts MS's word as
>> gospel. But rather than linking directly to the EXE you should link to
>> the page where the user can download it. Direct EXE links are
>> irresponsible to click as well. Especially considering that they are so
>> easily spoofed.
>>
>> --
>> Josh Einstein
>> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
>> www.tabletoutlook.com
>>
>> "Jim" <reply@groups.please> wrote in message
>> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>>> Chris,
>>>
>>> You are acting in an extremely irresponsible manner. This is one of
>>> the largest exploits ever to hit the Windows platform (in number of
>>> machines affected), and you are telling people to do nothing.
>>>
>>> The only thing more irresponsible than your post is Microsoft's
>>> refusal to take immediate action for such an exploit.
>>>
>>> Jim
>>>
>>> "Chris H." <winxpnews@hotmail.com> wrote in message
>>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>>> Microsoft has not released a patch at this point. Please do not
>>>> download or install a patch from any other source.
>>>> --
>>>> Chris H.
>>>> Microsoft Windows MVP/Tablet PC
>>>> Tablet Creations - http://nicecreations.us/
>>>> Associate Expert
>>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>>>
>>>>
>>>
>>>
>>
>>
>
>

Yes, they should. How you can trust some sites which have claimed for more
than four years that Universal Plug and Play is going to "bring down the
Internet." ROFLOL! Yup, the Internet failed in 2001. Right.
--
Chris H.
Microsoft Windows MVP/Tablet PC
Tablet Creations - http://nicecreations.us/
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone


"Josh Einstein" <josheinstein@hotmail.com> wrote in message
news:OddXjBJEGHA.2036@TK2MSFTNGP14.phx.gbl...
> I'm just saying people should trust security experts. There *are* people
> out there more qualified to give security guidance than you or MS. SANS,
> F-secure, and Steve Gibson are 3 such parties.
>
> The patch may be unknown to or untested by you, but not to those security
> experts.
>
> --
> Josh Einstein
> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
> www.tabletoutlook.com
>
> "Chris H." <winxpnews@hotmail.com> wrote in message
> news:eNZBS6IEGHA.140@TK2MSFTNGP12.phx.gbl...
>> Please speak for yourself only, Josh. This is a serious subject, and you
>> shouldn't be letting your personal opinions about people interfere with
>> guiding users in the right direction. It is irresponsible for anyone
>> download and install such an unknown, untested patch. Microsoft's
>> security bulletin, in part, already issued on the subject:
>> =====
>> Microsoft Security Advisory (912840)
>> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
>> Execution.
>> Microsoft is investigating new public reports of a vulnerability in
>> Windows. Microsoft will continue to investigate the public reports to
>> help provide additional guidance for customers.
>> Microsoft is aware of detailed exploit code that could allow an attacker
>> to execute arbitrary code in the security context of the logged on user
>> when visiting a Web site, which contains a specially crafted Windows
>> Metafile (WMF) image. An attacker would have no way to force users to
>> visit a malicious Web site. Instead, an attacker would have to persuade
>> them to visit the Web site, typically by getting them to click a link
>> that takes them to the attacker's Web site.
>> Customers are encouraged to keep their antivirus software up to date. The
>> Microsoft Windows AntiSpyware (Beta) can also help protect your system
>> from spyware and other potentially unwanted software. We will continue to
>> investigate these public reports.
>> Upon completion of this investigation, Microsoft will take the
>> appropriate action to help protect our customers. This will include
>> providing a security update through our monthly release process or
>> providing an out-of-cycle security update, depending on customer needs.
>> Microsoft encourages users to exercise caution when they open e-mail and
>> links in e-mail from untrusted sources. For more information about Safe
>> Browsing, visit the Trustworthy Computing Web site.
>> We continue to encourage customers to follow our Protect Your PC guidance
>> of enabling a firewall, applying software updates and installing
>> antivirus software. Customers can learn more about these steps at the
>> Protect Your PC Web site.
>> Customers who believe they may have been affected by this issue can
>> contact Product Support Services. You can contact Product Support
>> Services in the United States and Canada at no charge using the PC Safety
>> line (1 866-PCSAFETY). Customers outside of the United States and Canada
>> can locate the number for no-charge virus support by visiting the
>> Microsoft Help and Support Web site.
>> Mitigating Factors:
>> · In a Web-based attack scenario, an attacker would have to host
>> a Web site that contains a Web page that is used to exploit this
>> vulnerability. An attacker would have no way to force users to visit a
>> malicious Web site. Instead, an attacker would have to persuade them to
>> visit the Web site, typically by getting them to click a link that takes
>> them to the attacker's Web site.
>> · An attacker who successfully exploited this vulnerability
>> could gain the same user rights as the local user. Users whose accounts
>> are configured to have fewer user rights on the system could be less
>> impacted than users who operate with administrative user rights.
>> · By default, Internet Explorer on Windows Server 2003, on
>> Windows Server 2003 Service Pack 1, on Windows Server 2003 with Service
>> Pack 1 for Itanium-based Systems, and on Windows Server 2003 x64 Edition
>> runs in a restricted mode that is known as Enhanced Security
>> Configuration This mode mitigates this vulnerability where the e-mail
>> vector is concerned although clicking on a link would still put users at
>> risk. In Windows Server 2003, Microsoft Outlook Express uses plain text
>> for reading and sending messages by default. When replying to an e-mail
>> message that is sent in another format, the response is formatted in
>> plain text. See the FAQ section of this vulnerability for more
>> information about Internet Explorer Enhanced Security Configuration.
>> =====
>> --
>> Chris H.
>> Microsoft Windows MVP/Tablet PC
>> Tablet Creations - http://nicecreations.us/
>> Associate Expert
>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>
>> "Josh Einstein" <josheinstein@hotmail.com> wrote in message
>> news:u8AIybIEGHA.3000@TK2MSFTNGP14.phx.gbl...
>>> This is a typical response from Chris who only trusts MS's word as
>>> gospel. But rather than linking directly to the EXE you should link to
>>> the page where the user can download it. Direct EXE links are
>>> irresponsible to click as well. Especially considering that they are so
>>> easily spoofed.
>>>
>>> --
>>> Josh Einstein
>>> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
>>> www.tabletoutlook.com
>>>
>>> "Jim" <reply@groups.please> wrote in message
>>> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>>>> Chris,
>>>>
>>>> You are acting in an extremely irresponsible manner. This is one of
>>>> the largest exploits ever to hit the Windows platform (in number of
>>>> machines affected), and you are telling people to do nothing.
>>>>
>>>> The only thing more irresponsible than your post is Microsoft's
>>>> refusal to take immediate action for such an exploit.
>>>>
>>>> Jim
>>>>
>>>> "Chris H." <winxpnews@hotmail.com> wrote in message
>>>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>>>> Microsoft has not released a patch at this point. Please do not
>>>>> download or install a patch from any other source.
>>>>> --
>>>>> Chris H.
>>>>> Microsoft Windows MVP/Tablet PC
>>>>> Tablet Creations - http://nicecreations.us/
>>>>> Associate Expert
>>>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>

In article <OddXjBJEGHA.2036@TK2MSFTNGP14.phx.gbl>,
josheinstein@hotmail.com says...
> I'm just saying people should trust security experts. There *are* people out
> there more qualified to give security guidance than you or MS. SANS,
> F-secure, and Steve Gibson are 3 such parties.
>
> The patch may be unknown to or untested by you, but not to those security
> experts.

Having a fully updated AV solution, blocking at the firewall for the
known attachments/http files, I'm not installing a third party patch. At
this time our AV product seems to catch it and the firewall blocks most
of them, so I'm going to leave the computers the way they are instead of
having to support a patch that I don't know how it impacts the entire
base of users computers.

--

spam999free@rrohio.com
remove 999 in order to email me

Variations are coming out faster than AV vendors can keep up. Check out
f-secure's blog.

http://www.f-secure.com/weblog/



--
Josh Einstein
Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
www.tabletoutlook.com
"Leythos" <void@nowhere.lan> wrote in message
news:Imzuf.278259$tD4.150970@tornado.ohiordc.rr.co m...
> In article <OddXjBJEGHA.2036@TK2MSFTNGP14.phx.gbl>,
> josheinstein@hotmail.com says...
>> I'm just saying people should trust security experts. There *are* people
>> out
>> there more qualified to give security guidance than you or MS. SANS,
>> F-secure, and Steve Gibson are 3 such parties.
>>
>> The patch may be unknown to or untested by you, but not to those security
>> experts.
>
> Having a fully updated AV solution, blocking at the firewall for the
> known attachments/http files, I'm not installing a third party patch. At
> this time our AV product seems to catch it and the firewall blocks most
> of them, so I'm going to leave the computers the way they are instead of
> having to support a patch that I don't know how it impacts the entire
> base of users computers.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me