From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_0308_01C68BF7.A5B5DCE0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   What nonsense!  Windows 2000 was updated in the original release of =
http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx.  =
Windows 9x is not being updated.  From the bulletin

  If Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and =
Microsoft Windows Millennium Edition (ME) are listed as an affected =
product, why is Microsoft not issuing security updates for them?
  During the development of Windows 2000, significant enhancements were =
made to the underlying architecture of Windows Explorer. The Microsoft =
Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft =
Windows Millennium Edition (ME) Windows Explorer architecture is much =
less robust than the more recent Windows architectures. Due to these =
fundamental differences, after extensive investigation, Microsoft has =
found that it is not feasible to make the extensive changes necessary to =
Windows Explorer on Microsoft Windows 98, Microsoft Windows 98 Second =
Edition (SE), and Microsoft Windows Millennium Edition (ME) to eliminate =
the vulnerability. To do so would require reengineer a significant = amount
of a critical core component of the operating system. After such = a
reengineering effort, there would be no assurance that applications =
designed to run on these platforms would continue to operate on the =
updated system.

  Microsoft strongly recommends that customers still using Microsoft =
Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft =
Windows Millennium Edition (ME) protect those systems by placing them =
behind a perimeter firewall which is filtering traffic on TCP Port 139. =
Such a firewall will block attacks attempting to exploit this =
vulnerability from outside of the firewall, as discussed in the =
workarounds section below.

Rich

  "Rich Gauszka"  wrote in message =
news:4489d02a{at}w3.nls.net...

  http://news.yahoo.com/s/pcworld/20060609/tc_pcworld/126041
  Microsoft said it wasn't feasible to make extensive changes to Windows =

  Explorer to eliminate a security vulnerability since the underlying=20
  architecture of Windows 2000 is much less robust, wrote Christopher =
Budd, a=20
  program manager with Microsoft's security response center.


  "Due to these fundamental differences, these changes would require=20
  reengineering a significant amount of a critical core component of the =

  operating system," Budd said.


  As a result, applications may not run on the updated system, he said.


------=_NextPart_000_0308_01C68BF7.A5B5DCE0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   What
nonsense!  =
Windows 2000 was=20
updated in the original release of http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx"=
>.&nb" target="new">http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx.&nb=
sp;=20
Windows 9x is not being updated.  From the bulletin
 

  If Microsoft Windows 98, Microsoft Windows 98 Second =
Edition=20
  (SE), and Microsoft Windows Millennium Edition (ME) are listed as an =
affected=20
  product, why is Microsoft not issuing security updates for=20
  them?During the development of Windows 2000,
significant=20
  enhancements were made to the underlying architecture of Windows =
Explorer. The=20
  Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and =
Microsoft=20
  Windows Millennium Edition (ME) Windows Explorer architecture is much =
less=20
  robust than the more recent Windows architectures. Due to these =
fundamental=20
  differences, after extensive investigation, Microsoft has found that =
it is not=20
  feasible to make the extensive changes necessary to Windows Explorer =
on=20
  Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and =
Microsoft=20
  Windows Millennium Edition (ME) to eliminate the vulnerability. To do =
so would=20
  require reengineer a significant amount of a critical core component =
of the=20
  operating system. After such a reengineering effort, there would be no =

  assurance that applications designed to run on these platforms would =
continue=20
  to operate on the updated system.Microsoft strongly
recommends =
that=20
  customers still using Microsoft Windows 98, Microsoft Windows 98 =
Second=20
  Edition (SE), and Microsoft Windows Millennium Edition (ME) protect =
those=20
  systems by placing them behind a perimeter firewall which is filtering =
traffic=20
  on TCP Port 139. Such a firewall will block attacks attempting to =
exploit this=20
  vulnerability from outside of the firewall, as discussed in the =
workarounds=20
  section below.
 
Rich
 

  "Rich Gauszka" <gauszka{at}hotmail.com>">mailto:gauszka{at}hotmail.com">gauszka{at}hotmail.com>
wrote =
in message=20
  news:4489d02a{at}w3.nls.net...http:=">http://news.yahoo.com/s/pcworld/20060609/tc_pcworld/126041">http:=
//news.yahoo.com/s/pcworld/20060609/tc_pcworld/126041Microsoft=20
  said it wasn't feasible to make extensive changes to Windows =
Explorer to=20
  eliminate a security vulnerability since the underlying =
architecture of=20
  Windows 2000 is much less robust, wrote Christopher Budd, a =
program=20
  manager with Microsoft's security response
center."Due to =
these=20
  fundamental differences, these changes would require reengineering =
a=20
  significant amount of a critical core component of the operating =
system,"=20
  Budd said.As a result, applications may not
run on the =
updated=20
  system, he said.

------=_NextPart_000_0308_01C68BF7.A5B5DCE0--

--- BBBS/NT v4.01 Flag-5