From: "Geo" 

This is a multi-part message in MIME format.

------=_NextPart_000_00A1_01C6638D.F40D9FF0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Aren't shell extensions considered trusted code? Seems stupid to have to =
have something running constantly to validate them.
  "Rich"  wrote in message news:44459671$1{at}w3....
     Because one aspect of the security update is that classes used as =
shell extensions are validated to ensure that they are well behaved =
before they are allowed to be loaded within the shell.  The HP extension =
is not well behaved.

     I read the nonsense you wrote and the support article.  It was =
clear from the nonsense you wrote that you either did not read, did not =
understand, or simply ignored the support article.

  Rich

    "Geo"  wrote in message news:44458051$3{at}w3....
    I wasn't talking abou the HP shell extension, I was talking about =
MS06-015 which is the security patch that causes the HP shell extension =
to fail and requires a whitelisting in order to not scan that shell =
extension as part of the web client patch. Why don't you try reading?

    Geo.
      "Rich"  wrote in message news:44457ddd{at}w3....
         It has nothing to do with Trojans and there is nothing to be =
fixed in Explorer so take off your tin foil hat.  The problem described =
by the support article is that the HP shell extension behaves badly.  = You
can uninstall the HP component or you can get past the issue using = the
instructions described here.

         You should also some demonstrating you are an idiot and a =
whiner.  You would look less like an idiot if you read the articles = about
which you are commenting.

      Rich

        "Geo"  wrote in message
news:444532ec$1{at}w3....


        Instead of fixing the exploit (if you ask me the web client =
service should
        just be removed as a bad idea in an untrusted environment), they =
added yet
        another program, this one scans shell extensions and it has a =
whitelist that
        is stored in the registry so simply adding a registry entry will =
make this
        new security shell extension scanner skip scanning your trojan =
shell
        extension? I wonder if it works based simply on the file name so =
using an
        existing whitelisted name exposes you again.

        Is this "fix", and I use that term loosly,  from Microsoft or =
Cheech and
        Chong?

        Geo.


        "Rich Gauszka"  wrote in message =
news:4444ee0a$1{at}w3....
        >
        > http://support.microsoft.com/default.aspx/kb/918165?
        >
        >


------=_NextPart_000_00A1_01C6638D.F40D9FF0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








Aren't shell extensions considered =
trusted code?=20
Seems stupid to have to have something running constantly to validate=20
them.

  "Rich" <{at}> wrote in message news:44459671$1{at}w3....
     Because
one aspect of =
the security=20
  update is that classes used as shell extensions are validated to =
ensure that=20
  they are well behaved before they are allowed to be loaded within the=20
  shell.  The HP extension is not well behaved.
   
     I read
the nonsense you =
wrote and=20
  the support article.  It was clear from the nonsense you wrote =
that you=20
  either did not read, did not understand, or simply ignored the support =

  article.
   
  Rich
   
  

    "Geo" <georger{at}nls.net>=20">mailto:georger{at}nls.net">georger{at}nls.net>=20
    wrote in message news:44458051$3{at}w3....
    I wasn't talking abou the HP shell =
extension, I=20
    was talking about MS06-015 which is the security patch that causes =
the HP=20
    shell extension to fail and requires a whitelisting in order to not =
scan=20
    that shell extension as part of the web client patch. Why don't you =
try=20
    reading?
     
    Geo.
    

      "Rich" <{at}> wrote in message news:44457ddd{at}w3....
         It
has nothing to do =
with=20
      Trojans and there is nothing to be fixed in Explorer so take off =
your tin=20
      foil hat.  The problem described by the support article is =
that the=20
      HP shell extension behaves badly.  You can uninstall the HP =
component=20
      or you can get past the issue using the instructions described=20
      here.
       
         You
should also some =

      demonstrating you are an idiot and a whiner.  You would look =
less=20
      like an idiot if you read the articles about which you are=20
      commenting.
       
      Rich
       
      
        "Geo" <georger{at}nls.net>=20">mailto:georger{at}nls.net">georger{at}nls.net>=20
        wrote in message news:444532ec$1{at}w3....Inste=
ad=20
        of fixing the exploit (if you ask me the web client service=20
        shouldjust be removed as a bad idea in an untrusted =
environment),=20
        they added yetanother program, this one scans shell =
extensions and=20
        it has a whitelist thatis stored in the registry so simply =
adding a=20
        registry entry will make thisnew security shell extension =
scanner=20
        skip scanning your trojan shellextension? I wonder if it =
works based=20
        simply on the file name so using anexisting whitelisted name =
exposes=20
        you again.Is this "fix", and I use that term =
loosly,  from=20
        Microsoft or Cheech
andChong?Geo."Rich
=
Gauszka"=20
        <gauszka{at}hotmail.com>=20">mailto:gauszka{at}hotmail.com">gauszka{at}hotmail.com>=20
        wrote in message news:4444ee0a$1{at}w3....>>
=
http://suppo" target="new">http://suppo=">http://support.microsoft.com/default.aspx/kb/918165">http://suppo=
rt.microsoft.com/default.aspx/kb/918165?>>

------=_NextPart_000_00A1_01C6638D.F40D9FF0--

--- BBBS/NT v4.01 Flag-5