Today Ronnie Vernon MVP commented courteously on the subject
at hand
Jerry,
If you would take the time to expand your very, very narrow
view and look at the information that is readily available
for the updates, you would find a long and detailed
description of each and every security update.
Ronnie, I take the "very, very narrow view" I do from long,
pragmatic experience, thank you. I first "discovered" digital
computers the September day in 1965 when I went to my first
engineering class in college. From there I went to CDC
mainframes, PCs in DOS, and through the Windoze "daze"
experience beginning with 3.0. As the saying goes, if
something can go wrong, it has happened to me. And, I have had
CUs go bad on me, but thankfully, not badly enough to have to
nuke and reinstall - I simply rolled the system back one RP -
the one /I/ set.
The update in question can be found at this location:
Microsoft Security Bulletin MS06-015: Vulnerability in
Windows Explorer Could Allow Remote Code Execution
(908531):
http://www.microsoft.com/technet/security/bulletin/ms06-015.
mspx
I read that. At the risk of another of my (in)famous sweeping
generalities, /all/ Windoze CUs quote about this at the time
Der Fuhrer orders you to update your system, and that is all
unless you go searching in the KB, "a vulnerability has been
found that may allow another to take control of your system
.... blah blah blah." No mention is every made of the frequency
of successful attacks or even exactly what system components
actually incur the risk. This info /may/ be in the KB article,
but usually isn't in my experience. However, when you are
"under the gun" getting an update notification isn't the time.
So, being not only narrow viewed but a contrarian, I take the
longer view of letting others debug Bill the Gates' code and I
/may/ install it later. In this case, my decision if final:
not. This is not unlike relying only on the drug store data
sheet on drug side-effects for prescription meds - as
mathematicians would say, necessary but not sufficient.
As to 908531, presumably this is somehow related to HP
something, so why would I install an HP-related update "just
in case" unless I had proof positive that my 1220C is one of
the guilty devices? Or, do I have this one confused with
another? It really is difficult to view life so narrowly and
keep this blizzard of security patches straight in my mind.
Any other security update can be found here:
Security Bulletin Search:
http://www.microsoft.com/technet/security/current.aspx
Based on your lack of information and understanding of this
subject, what exactly qualifies you to debate the integrity
of any MVP???
It sounds like you are simply another frustrated
"wannabee". If this is the case, don't bother to reply.
I am frustrated, but only sexually. I don't "wannabe"
anything. Back to your opening cheap shot, I do take a /very/
narrow view that my PC is a tool to accomplish useful work,
and not a hobbyist plaything. As such, I do take the narrow
view /not/ to shoot myself in the foot just because Bill says
"update of die!". You want to, that's your business.
As to doubting the integrity of MVPs, I've already addressed
that many, many times. I only judge people on what they do,
/not/ what they say. And, what MVPs - as a group, not
necessarily individually - do is spout the company line. I
actually saw one this morning tell someone who wasn't even
affected by 908531 to install it anyway! And, you doubt my
ability to separate truth from horseshit?
BTW, look up the full meaning of "integrity". It means far
more than the narrower word (God, I love to be narrow minded!)
"honesty". Then, come back and we'll talk.