From: "Geo" 

"Frank Haber"  wrote in message
news:43b4417b$1{at}w3.nls.net...
> I think this is Microsoft in punt mode on just this exploit.

Mitigating Factors:
•In a Web-based attack scenario, an attacker would have to host a Web site
that contains a Web page that is used to exploit this vulnerability. An
attacker would have no way to force users to visit a malicious Web site.
Instead, an attacker would have to persuade them to visit the Web site,
typically by getting them to click a link that takes them to the attacker's
Web site.


why do they keep insisting on this crap being so hard to do, didn't I
already show everyone here how easy it is to send them off to a website of
my choosing via a pdf file, and it can be done via a wmv file just as
easily as both formats contain features to specifically allow this. Simply
mass emailing of one of these file formats would compromise millions. Hell,
email pdf's named PurchaseOrder.pdf would compromise more business users
than anyone could imagine.

Geo.

--- BBBS/NT v4.01 Flag-5