From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_032D_01C68BFF.44FC61F0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   The article's author's statement is garbage and not supported by the =
supposed quote or by the published Microsoft bulletin.  If you want =
accurate information, look to the bulletin at the URL I provided.

Rich

  "Rich Gauszka"  wrote in message =
news:448a2d7b{at}w3.nls.net...
  My original subject line said  "Are W2k Explorer users toast security =
wise?" . Do you disagree with Christopher Budd or do you think he was
= misquoted by pcworld about 2k and it's security vulnerability and the =
extensive reengineering of a critical core components that would be =
needed?
  It's the 'extensive reengineering' quote that got my attention

  I would bet a good many people that have home networks have port 139 =
open for file and print sharing. Just issuing a blurb to close it seems = a
bit pointless. I also doubt any of those people that are on 98 will =
invest in a perimeter firewall.=20

  I would say they are all zombie/trojan candidates but I can't talk =
about them anymore as I am inficted with the wga 'phone home' trojan=20

   =20
    "Rich"  wrote in message news:448a28f2$1{at}w3.nls.net...
       What nonsense!  Windows 2000 was updated in the original release =
of http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx.  =
Windows 9x is not being updated.  From the bulletin

      If Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), =
and Microsoft Windows Millennium Edition (ME) are listed as an affected =
product, why is Microsoft not issuing security updates for them?
      During the development of Windows 2000, significant enhancements =
were made to the underlying architecture of Windows Explorer. The =
Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and =
Microsoft Windows Millennium Edition (ME) Windows Explorer architecture =
is much less robust than the more recent Windows architectures. Due to =
these fundamental differences, after extensive investigation, Microsoft =
has found that it is not feasible to make the extensive changes = necessary
to Windows Explorer on Microsoft Windows 98, Microsoft Windows = 98 Second
Edition (SE), and Microsoft Windows Millennium Edition (ME) to = eliminate
the vulnerability. To do so would require reengineer a = significant amount
of a critical core component of the operating system. = After such a
reengineering effort, there would be no assurance that = applications
designed to run on these platforms would continue to = operate on the
updated system.

      Microsoft strongly recommends that customers still using Microsoft =
Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft =
Windows Millennium Edition (ME) protect those systems by placing them =
behind a perimeter firewall which is filtering traffic on TCP Port 139. =
Such a firewall will block attacks attempting to exploit this =
vulnerability from outside of the firewall, as discussed in the =
workarounds section below.

    Rich

      "Rich Gauszka"  wrote in message =
news:4489d02a{at}w3.nls.net...

      http://news.yahoo.com/s/pcworld/20060609/tc_pcworld/126041
      Microsoft said it wasn't feasible to make extensive changes to =
Windows=20
      Explorer to eliminate a security vulnerability since the =
underlying=20
      architecture of Windows 2000 is much less robust, wrote =
Christopher Budd, a=20
      program manager with Microsoft's security response center.


      "Due to these fundamental differences, these changes would require =

      reengineering a significant amount of a critical core component of =
the=20
      operating system," Budd said.


      As a result, applications may not run on the updated system, he =
said.


------=_NextPart_000_032D_01C68BFF.44FC61F0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   The
article's author's =
statement is=20
garbage and not supported by the supposed quote or by the published = Microsoft=20
bulletin.  If you want accurate information, look to =
the bulletin at=20
the URL I provided.
 
Rich
 

  "Rich Gauszka" <gauszka{at}hotmail.com>">mailto:gauszka{at}hotmail.com">gauszka{at}hotmail.com>
wrote =
in message=20
  news:448a2d7b{at}w3.nls.net...
  My original subject line
said  =
"Are W2k Explorer users toast security
wise?" . Do =
you=20
  disagree with Christopher Budd or do you think he was misquoted =
by=20
  pcworld about 2k and it's security vulnerability and the extensive =
reengineering of
a critical =
core components=20
  that would be needed?
  It's the 'extensive reengineering' quote that got my =
attention
   
  I would bet a good many people that =
have home=20
  networks have port 139 open for file and print sharing. Just =
issuing a=20
  blurb to close it seems a bit pointless. I also doubt any of those =
people that=20
  are on 98 will invest in a perimeter firewall. 
   
  I would say they are all =
zombie/trojan candidates=20
  but I can't talk about them anymore as I am inficted with the wga =
'phone home'=20
  trojan 
   
    
  

    "Rich" <{at}> wrote in message news:448a28f2$1{at}w3.nls.net...
       What
nonsense!  =
Windows 2000=20
    was updated in the original release of http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx"=
>.&nb" target="new">http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx.&nb=
sp;=20
    Windows 9x is not being updated.  From the =
bulletin
     
    
      If Microsoft Windows 98, Microsoft Windows 98 Second =
Edition=20
      (SE), and Microsoft Windows Millennium Edition (ME) are listed as =
an=20
      affected product, why is Microsoft not issuing security updates =
for=20
      them?During the development of Windows 2000, =
significant=20
      enhancements were made to the underlying architecture of Windows =
Explorer.=20
      The Microsoft Windows 98, Microsoft Windows 98 Second Edition =
(SE), and=20
      Microsoft Windows Millennium Edition (ME) Windows Explorer =
architecture is=20
      much less robust than the more recent Windows architectures. Due =
to these=20
      fundamental differences, after extensive investigation, Microsoft =
has=20
      found that it is not feasible to make the extensive changes =
necessary to=20
      Windows Explorer on Microsoft Windows 98, Microsoft Windows 98 =
Second=20
      Edition (SE), and Microsoft Windows Millennium Edition (ME) to =
eliminate=20
      the vulnerability. To do so would require reengineer a significant =
amount=20
      of a critical core component of the operating system. After such a =

      reengineering effort, there would be no assurance that =
applications=20
      designed to run on these platforms would continue to operate on =
the=20
      updated system.Microsoft strongly recommends that =
customers still=20
      using Microsoft Windows 98, Microsoft Windows 98 Second Edition =
(SE), and=20
      Microsoft Windows Millennium Edition (ME) protect those systems by =
placing=20
      them behind a perimeter firewall which is filtering traffic on TCP =
Port=20
      139. Such a firewall will block attacks attempting to exploit this =

      vulnerability from outside of the firewall, as discussed in the=20
      workarounds section below.
     
    Rich
     
    
      "Rich Gauszka" <gauszka{at}hotmail.com>">mailto:gauszka{at}hotmail.com">gauszka{at}hotmail.com>
=
wrote in=20
      message news:4489d02a{at}w3.nls.net...http:=">http://news.yahoo.com/s/pcworld/20060609/tc_pcworld/126041">http:=
//news.yahoo.com/s/pcworld/20060609/tc_pcworld/126041Microsoft=20
      said it wasn't feasible to make extensive changes to Windows =
Explorer=20
      to eliminate a security vulnerability since the underlying=20
      architecture of Windows 2000 is much less robust, wrote =
Christopher=20
      Budd, a program manager with Microsoft's security response=20
      center."Due to these fundamental
differences, these =
changes=20
      would require reengineering a significant amount of a critical =
core=20
      component of the operating system," Budd
said.As a =
result,=20
      applications may not run on the updated system, he=20
 
said.

------=_NextPart_000_032D_01C68BFF.44FC61F0--

--- BBBS/NT v4.01 Flag-5