Microsoft Security Advisory (943521)

[Milo \(MSPSS\)]

Thanks for answering that Paul, and for a fact that gives me more
understanding on how to help and extend such assistance to others since it
does put me to situations where the real problem and issue churns.

 

[PA Bear]

You don't understand what a "v-" account means. Milo does not have a
direct
employment relationship with Microsoft. I was a "v-" for 12 some odd years
and was still able to be an MVP. Only FTEs of Microsoft have to give up
their MVP status. A v- is a vendor who has an account on Microsoft's
network. Not even close to being an employee.

Yeah, I discovered this after posting. Still, I feel that reference to
"MSPSS" is misleading and inappropriate.

 

[Sharon Franks]

Why because it looks more impressive than yours?

--

Sharon Franks
MCC group
Microsoft Certified Solutions Developer (MCSD)
Microsoft Certified Trainer (MCT).

 

[PA Bear]

No, because it leads newsgroup readers to assume he represents/works
directly for MS Product Support Services.

 

[Leonard Grey]

"A v- is a vendor who has an account on Microsoft's network."

Apologies for sticking my nose in, but why would a vendor have an
account on Microsoft's network?

 

[Sharon Franks]

That's done all the time with every big company. Say for example you are
writing a program for MS, you will needs access to their files say for
testing. There are numerous reasons why this is done.

--

Sharon Franks
MCC group
Microsoft Certified Solutions Developer (MCSD)
Microsoft Certified Trainer (MCT).

"A v- is a vendor who has an account on Microsoft's network."

Apologies for sticking my nose in, but why would a vendor have an account
on Microsoft's network?

 

[Paul Adare]

Yeah, I discovered this after posting. Still, I feel that reference to
"MSPSS" is misleading and inappropriate.

Why? If he works for MSPSS how in the world is that in any way misleading?

 

[BoaterDave]

Hello Paul. I've been to your web site (as advertised in your sig. <g>) and
noted the following: It seems you are *real* and can (probably) be believed.

I'm not too sure that applies to others posting here. I've been told that
Sharon Franks is actually PCButts1 for example (purported to be a bad guy)
but, for a 'newbie' coming here there really is no way of telling ..... is
there? Perhaps you, of all people I've met here, would be able to tell - can
you?

Dave
Paul Adare, the Chief Technology Officer of IdentIT Inc., is a security
consultant specializing in Identity Management, Rights Management, and
Public Key Infrastructure deployments. Paul has a wide ranging and varied
background including the whole gamut of Microsoft technologies, Lotus Notes,
Sun Microsystems, IBM AIX, and various flavours of UNIX and Linux.

Over the many years that Paul has been involved with computer systems and
security, he has held many different roles including technical training
(Microsoft Certified Trainer, Lotus Notes Certified Trainer, Sun
Microsystems Certified Trainer), consulting (Microsoft, Lotus Notes, Sun,
IBM, Security, Identity Management, Rights Management, PKI), subject matter
expert for Microsoft Learning Products, support and help desk roles among
others. Paul has been involved with Microsoft's Identity Management platform
since he worked as a subject matter expert on the Microsoft Learning Product
Course 2062, Implementing Microsoft Metadirectory Services.

Paul has been the Principal Consultant on a number of enterprise PKI and RMS
deployments for large financial services customers in the US and Canada. In
addition, Paul is a Microsoft MVP for Virtual PC and Virtual Server.

***************************************************

 

[BoaterDave]

What I'd be interested to know, Robear, is why you haven't used your normal
signature block in this thread, viz.

~Robear Dyer (PA Bear)
MS MVP-Windows (IE, OE, Security, Shell/User)
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.org/

I'm hopeful that you have a better explanation than that suggested by
'Sharon'. If you and your small group of 'helpers' at 'aumha' are 'good
guys', please tell me, and others reading here, exactly why you chose not to
advertise same in this/these threads. Thank you.

***************************************************

 

[Paul Adare]

Hello Paul. I've been to your web site (as advertised in your sig. <g>) and
noted the following: It seems you are *real* and can (probably) be believed.

I'm not too sure that applies to others posting here. I've been told that
Sharon Franks is actually PCButts1 for example (purported to be a bad guy)
but, for a 'newbie' coming here there really is no way of telling ..... is
there? Perhaps you, of all people I've met here, would be able to tell - can
you?

On USENET you can never really tell who is "real" and who is not, and that
really doesn't matter. You simply need to apply some critical thinking to
the posts you read here. After a while you get to realize what constitutes
good advice and what constitutes bad advice. There's really not a lot more
one can do.

 

[BoaterDave]

A wonderful signature this time around Paul - that's me to a tee as, indeed,
was "Compatible: Gracefully accepts erroneous data from any source"! <g>

Thank you for your comment. I agree entirely. My biggest concern, though
(really on behalf of others who visit these newsgroups) is whether or not
one can 'trust' the links posted by 'helpers'. Human nature being what it
is, I'm confident that most come here with a 'pressing' problem (to what
they perceive as 'Microsoft' sites) via TechNet.and will no doubt click on
the multifarious links without a second thought. Few will 'copy and paste'
such links into their browser.

How easy it would be (wouldn't it?) to obfuscate a link so that it might
take someone to a malicious URL. Perhaps things have improved with more
recent patches to MS Windows XP and with the introduction of Vista and IE7,
but I suspect that many individuals worldwide are still highly vulnerable. I
am a little surprised that an operation as successful as Microsoft does not
deem it necessary to 'police' its' own USENET groups to ensure that, if any
bad links are posted, they are quickly removed. *I* think they should!

Dave

*****************************************************

 

[Milo \(MSPSS\)]

C`mon everyone its just a signature - dont take much of attention to it at
the end of the day we just get to help those who is in need of assistance.
And also am not misleading anyone as I do work for the 866 PCSafety Security
Support group that I always recommend.

 

[Paul Adare]

C`mon everyone its just a signature - dont take much of attention to it at
the end of the day we just get to help those who is in need of assistance.
And also am not misleading anyone as I do work for the 866 PCSafety Security
Support group that I always recommend.

Just ignore PA Bear. He doesn't know what he's talking about here and is
simply making a mountain out of a molehill.

 

[pcbutts1]

I agree with this post

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com, David
H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell

 

[pcbutts1]

I agree with this post.

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com, David
H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell

 

[BoaterDave]

Can someone who isn't 'kill-filed' here please 'prompt' PABear into
responding? TIA

Dave

 

[Paul Adare]

Can someone who isn't 'kill-filed' here please 'prompt' PABear into
responding? TIA

Why? What's the point? What possible purpose would be served by answering
your question about why he didn't use his normal .sig in his post?

 

[MAP]

Why you're posting this useless message here?
This vulnerability does not affect Windows Vista.

This is not a "Vista only" newsgroup.

 

[BoaterDave]

Why? What's the point? What possible purpose would be served by answering
your question about why he didn't use his normal .sig in his post?

I've 'known' Robear here on the MS newsgroups for 2 years. He has, to
the best of my knowledge, always used his 'signature block'.

I discovered quite a while ago that a poster can masquerade as anyone
they wish. I'd just like to confirm (or otherwise) that it was
actually PABear who made the post to which you responded with "Just
ignore PA Bear. He doesn't know what he's talking about here and is
simply making a mountain out of a molehill".

That's all!

Dave