From: "Geo." 

"Rich"  wrote in message news:3e3219d5$1{at}w3.nls.net...
>>   Assuming we are back to the original report you mentioned and we had
been discussing, the problem is that IE allowed a remote site to navigate
to the local file and a distinct IE problem with MIME content tyoes. 
That's it.  This report is just one complex scenario that exploited the IE
issues and it is just those and not the whole scenario that is the
problem.<<

But there is a point here you seem to be missing. Many exploits for IE are
not considered true exploits or not critical exploits because they require
the hacker somehow lure the IE user to the hackers hostile web page in
order to hack the IE user.

If IE were more under the control of the user, if it required a user
specifically make the decision to start up IE and go off to a URL instead
of all these automatic ways of having other apps launch IE on a mission, IE
would be a LOT less of a risk.

I will accept that media player is not the gun, but it is most certainly
aiming the gun and it is also the trigger and it's being pulled by a
stealth feature in a media player file that is under the control of someone
other than the user. No?

Geo.

--- BBBS/NT v4.01 Flag-4