From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_013E_01C5D0E4.C2A48550
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   At the time I said assume Windows XP SP2 or Windows Server 2003 SP1.  =
According to eeye, both are immune to the remote push attacks.  The =
remote pull attacks eeye reported are apply to an older release of =
Windows Media Player and to an older COM component that a tiny fraction =
of people would have installed.  They don't help your claim at all =
because eeye can't compel people to visit a web page they own with the =
appropriate level of access or download and open a file they supply.  = And
again none affect me or my family.

   First, folks don't have to visit Windows Update.  Updates can be and =
often are installed automatically.  Even without this, you are nowhere =
close to "95% of the worlds computers".

Rich

  "Geo"  wrote in message
news:43502caa{at}w3.nls.net...
  George's claim was that the exploits would allow pretty much any =
windows box on the internet to be rooted by eeye, you are the one trying =
to limit this to your specific computer where you run mostly just the =
newest versions of whatever MS gives you.

  anyone can go to windows update and see if they require the patches, =
how many folks here do you think will find that they do?

  Geo.
    "Rich"  wrote in message news:434fded9{at}w3.nls.net...
       George's false claim was in regard to eeye's reported claims.  I =
don't have a vulnerable copy of that installed anywhere and only one or =
two of my machines have any copy.

       The simple point is that George was wrong.  He'd look less a fool =
if he admitted it.

    Rich

      "Mike N."  wrote in message =
news:oc3vk1997vntoam2oqlc14e837ejsvu3u6{at}4ax.com...
      On Thu, 13 Oct 2005 21:19:50 -0700, "Rich"  wrote:

      >   I don't have MDT2DD.DLL installed.=20

         But what about the subject of the advisory MSDDS.DLL?  But I =
see that it
      only concerns old versions of this DLL that almost no one would be =
running.

------=_NextPart_000_013E_01C5D0E4.C2A48550
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   At the
time I said assume =
Windows XP=20
SP2 or Windows Server 2003 SP1.  According to eeye, both are
immune = to the=20
remote push attacks.  The remote pull attacks eeye reported are =
apply to an=20
older release of Windows Media Player and to an older COM component that = a tiny=20
fraction of people would have installed.  They don't help your =
claim at all=20
because eeye can't compel people to visit a web page they own with = the=20
appropriate level of access or download and open a file they =
supply.  And=20
again none affect me or my family.
 
   First,
folks don't have to =
visit=20
Windows Update.  Updates can be and often are installed=20
automatically.  Even without this, you are nowhere close to
"95% of = the=20
worlds computers".
 
Rich
 

  "Geo" <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote=20
  in message news:43502caa{at}w3.nls.net...
  George's claim was that the exploits =
would allow=20
  pretty much any windows box on the internet to be rooted by eeye, you =
are the=20
  one trying to limit this to your specific computer where you run =
mostly just=20
  the newest versions of whatever MS gives you.
   
  anyone can go to windows update and =
see if they=20
  require the patches, how many folks here do you think will find that =
they=20
  do?
   
  Geo.
  

    "Rich" <{at}> wrote in message news:434fded9{at}w3.nls.net...
      
George's false claim =
was in regard=20
    to eeye's reported claims.  I don't have a vulnerable copy of =
that=20
    installed anywhere and only one or two of my machines have any=20
    copy.
     
       The
simple point is =
that George=20
    was wrong.  He'd look less a fool if he admitted =
it.
     
    Rich
     
    
      "Mike N." <mike{at}u-spam-u-die.net>">mailto:mike{at}u-spam-u-die.net">mike{at}u-spam-u-die.net>
= wrote in=20
      message news:oc3vk1997vn=
toam2oqlc14e837ejsvu3u6{at}4ax.com...On=20
      Thu, 13 Oct 2005 21:19:50 -0700, "Rich" <{at}>=20
      wrote:>   I don't have
MDT2DD.DLL installed.=20
         But what about the subject
of the advisory=20
      MSDDS.DLL?  But I see that itonly concerns old versions =
of this=20
      DLL that almost no one would be=20
running.

------=_NextPart_000_013E_01C5D0E4.C2A48550--

--- BBBS/NT v4.01 Flag-5