From: "Geo" 

This is a multi-part message in MIME format.

------=_NextPart_000_0086_01C5D16D.C84EE020
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I was the one who made the statement and it was "pretty much any
windows = box connected to the internet". Are you now trying to tell
us that XPsp2 = and S03 don't require any of the october critical patches?
As for pull = vs push, I can push you a pdf file to pull and that makes it
a push = issue in my book, the fact that you think only one exploit at a
time = should be used speaks volumes about your hacking mentality.

Geo.
  "Rich"  wrote in message news:43504d74{at}w3.nls.net...
     At the time I said assume Windows XP SP2 or Windows Server 2003 =
SP1.  According to eeye, both are immune to the remote push attacks.  = The
remote pull attacks eeye reported are apply to an older release of =
Windows Media Player and to an older COM component that a tiny fraction =
of people would have installed.  They don't help your claim at all =
because eeye can't compel people to visit a web page they own with the =
appropriate level of access or download and open a file they supply.  = And
again none affect me or my family.

     First, folks don't have to visit Windows Update.  Updates can be =
and often are installed automatically.  Even without this, you are =
nowhere close to "95% of the worlds computers".

  Rich

    "Geo"  wrote in message
news:43502caa{at}w3.nls.net...
    George's claim was that the exploits would allow pretty much any =
windows box on the internet to be rooted by eeye, you are the one trying =
to limit this to your specific computer where you run mostly just the =
newest versions of whatever MS gives you.

    anyone can go to windows update and see if they require the patches, =
how many folks here do you think will find that they do?

    Geo.
      "Rich"  wrote in message news:434fded9{at}w3.nls.net...
         George's false claim was in regard to eeye's reported claims.  =
I don't have a vulnerable copy of that installed anywhere and only one = or
two of my machines have any copy.

         The simple point is that George was wrong.  He'd look less a =
fool if he admitted it.

      Rich

        "Mike N."  wrote in message =
news:oc3vk1997vntoam2oqlc14e837ejsvu3u6{at}4ax.com...
        On Thu, 13 Oct 2005 21:19:50 -0700, "Rich"  wrote:

        >   I don't have MDT2DD.DLL installed.=20

           But what about the subject of the advisory MSDDS.DLL?  But I =
see that it
        only concerns old versions of this DLL that almost no one would =
be running.

------=_NextPart_000_0086_01C5D16D.C84EE020
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








I was the one who made the statement =
and it was=20
"pretty much any windows box connected to the internet". Are you
now = trying to=20
tell us that XPsp2 and S03 don't require any of the october critical = patches? As=20
for pull vs push, I can push you a pdf file to pull and that makes it a = push=20
issue in my book, the fact that you think only one exploit at a =
time should=20
be used speaks volumes about your hacking mentality.
 
Geo.

  "Rich" <{at}> wrote in message news:43504d74{at}w3.nls.net...
     At the
time I said =
assume Windows XP=20
  SP2 or Windows Server 2003 SP1.  According to eeye, both are =
immune to=20
  the remote push attacks.  The remote pull attacks eeye reported =
are apply=20
  to an older release of Windows Media Player and to an older COM =
component that=20
  a tiny fraction of people would have installed.  They don't help =
your=20
  claim at all because eeye can't compel people to visit a web =
page they=20
  own with the appropriate level of access or download and open a file =
they=20
  supply.  And again none affect me or my family.
   
     First,
folks don't have =
to visit=20
  Windows Update.  Updates can be and often are installed=20
  automatically.  Even without this, you are nowhere close to "95% =
of the=20
  worlds computers".
   
  Rich
   
  

    "Geo" <georger{at}nls.net>=20">mailto:georger{at}nls.net">georger{at}nls.net>=20
    wrote in message news:43502caa{at}w3.nls.net...
    George's claim was that the =
exploits would=20
    allow pretty much any windows box on the internet to be rooted by =
eeye, you=20
    are the one trying to limit this to your specific computer where you =
run=20
    mostly just the newest versions of whatever MS gives =
you.
     
    anyone can go to windows
update and =
see if they=20
    require the patches, how many folks here do you think will find that =
they=20
    do?
     
    Geo.
    

      "Rich" <{at}> wrote in message news:434fded9{at}w3.nls.net...
        
George's false claim =
was in=20
      regard to eeye's reported claims.  I don't have a vulnerable =
copy of=20
      that installed anywhere and only one or two of my machines =
have any=20
      copy.
       
         The
simple point is =
that George=20
      was wrong.  He'd look less a fool if he admitted =
it.
       
      Rich
       
      
        "Mike N." <mike{at}u-spam-u-die.net>">mailto:mike{at}u-spam-u-die.net">mike{at}u-spam-u-die.net>
= wrote=20
        in message news:oc3vk1997vn=
toam2oqlc14e837ejsvu3u6{at}4ax.com...On=20
        Thu, 13 Oct 2005 21:19:50 -0700, "Rich" <{at}>=20
        wrote:>   I don't have
MDT2DD.DLL =
installed.=20
           But what about the subject
of the advisory=20
        MSDDS.DLL?  But I see that itonly concerns old versions =
of this=20
        DLL that almost no one would be=20
  =
running.

------=_NextPart_000_0086_01C5D16D.C84EE020--

--- BBBS/NT v4.01 Flag-5