echo: nthelp
to: Rich Gauszka
from: Geo
date: 2006-04-18 14:28:26
subject: Re: MS4/11 patch - HP software conflicts

From: "Geo" 

So let's see if I understand this. First we have a vulnerability in the web
client service which is described like this:

A remote code execution vulnerability exists in Windows Explorer because of
the way that it handles COM objects. An attacker would need to convince a
user to visit a Web site that could force a connection to a remote file
server. This remote file server could then cause Windows Explorer to fail
in a way that could allow code execution. An attacker who successfully
exploited this vulnerability could take complete control of an affected
system.

and then

Instead of fixing the exploit (if you ask me the web client service should
just be removed as a bad idea in an untrusted environment), they added yet
another program, this one scans shell extensions and it has a whitelist
that is stored in the registry so simply adding a registry entry will make
this new security shell extension scanner skip scanning your trojan shell
extension? I wonder if it works based simply on the file name so using an
existing whitelisted name exposes you again.

Is this "fix", and I use that term loosely, from Microsoft or
Cheech and Chong?

Geo.


"Rich Gauszka" wrote in message
news:4444ee0a$1{at}w3....
>
> http://support.microsoft.com/default.aspx/kb/918165?
>
>

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270 5030/786
@PATH: 379/45 1 106/2000 633/267

SOURCE: echomail via fidonet.ozzmosis.com
