MS09-054: Cumulative security update for Internet Explorer

Jeff Richards wrote:
> Perhaps you would like to provide the reference to the post where I
> recommended installation. I can't find it. Forget the name-calling, leave
> the histrionics out - just show me the words I used where I recommended
> installation of these files.

Uniquely, it happens to at present, appear directly below this post of
yours in the threaded view of this discussion.

Though you do not directly state it should be installed, you make NO
effort to make sure anyone DOES understand the variables. You spend more
time attempting to address my handling of *trolls* and *sockpuppets*, or
is it *you didn't have a clue that is what was occurring*.
Moreover, you made NO effort, when the immediate reaction by Greg was
to use your post as a basis TO INSTALL the supposed updates, to correct
or clarify *your* statement, leaving the impression of your support for
that activity.
Were this still a supported OS, I would have made an official complaint
to Microsoft requesting your removal status as an MVP due to the harm
and damage from your post.

Let me put it below so you have a reference to work from:

From: "Jeff Richards" <.au>
References: <4ADBD29B.F3C94E64 RemoveThis @Guy.com>
<eijwX#HUKHA.1792@TK2MSFTNGP04.phx.gbl>
<7k3e5cF345p2qU1 RemoveThis @mid.individual.net> <eWXPrtRUKHA.4704 RemoveThis @TK2MSFTNGP02.phx.gbl>
Subject: Re: MS09-054: Cumulative security update for Internet Explorer
Date: Wed, 21 Oct 2009 17:26:59 +1100
"MEB" <MEB-not-here RemoveThis @hotmail.com> wrote in message
news:eWXPrtRUKHA.4704@TK2MSFTNGP02.phx.gbl...
> > snip <
> > It *MAY* contain a fix
> > [within that file], but that also requires *ALL* the other files and
> > their fixes to accomplish the goal.

That statement is completely incorrect. It is quite feasible, and in fact
quite common, that a change to a single file provides potection against
the
exploit.

It is unfortunate that you react in such an emotional manner to anyone who
attempts to clarify what you are trying to say, because some of your
comments are correct.

For instance, it is possible that the files that _can_ be installed are not
the files that needed to be changed to protect against the exploit. It is
possible that the exploit exists in W98 regardless of whether the files are
patched or not, because W98 does not contain the features that the patch
relies on in order to provide the claimed protection. It is possible that
the patches are irrelevant for W98 because the vulnerability never existed
in the first place. There are, in fact, a wide range of possibilities.
But
that message is lost in your rudeness and name-calling. And your statement
that I have quoted above is just plain wrong.




--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

Horse hockey! KB974455 applies to IE6 SP1 running in Windows 2000
*SP4* (only), WinXP SP2 or SP3 (only), and Win2003 SP2 (only).

<QP>
It should be a priority for customers who have older releases of the
software to migrate to supported releases to prevent potential
exposure to vulnerabilities.
</QP>
Source: http://www.microsoft.com/technet/security/bulletin/MS09-054.mspx
(FAQ)

Translation: If you're worried about security, migrate to WinXP SP3 or
higher.


On Oct 19, 9:49 pm, Greg <inva... RemoveThis @invalid.net> wrote:
> ...This patch is for windows 2000 or above.

"MEB" <MEB-not-here RemoveThis @hotmail.com> wrote in message
news:OWQ2Yn%23UKHA.4780@TK2MSFTNGP05.phx.gbl...
> Jeff Richards wrote:
>> Perhaps you would like to provide the reference to the post where I
>> recommended installation. I can't find it. Forget the name-calling,
>> leave
>> the histrionics out - just show me the words I used where I recommended
>> installation of these files.
<snip>
> Though you do not directly state it should be installed, you make NO
> effort to make sure anyone DOES understand the variables. You spend more
> time attempting to address my handling of *trolls* and *sockpuppets*, or
> is it *you didn't have a clue that is what was occurring*.
<snip>

That's the ticket MEB, never admit you are wrong and turn the words, so
that you appear to be winning.

Just a little reminder for those perhaps unfamiliar with the Usenet
culture. There is a common suggestion: DO NOT FEED THE TROLLS.
*Expect though*, that there will be those who MUST *tromp on the
trolls* so the world knows what and who they are and/or to dispel
whatever myth or falsehood may be involved. You can generally recognize
a REAL troll or these other parties rather easily by what they
consistently use [attacks against parties and their viable materials]
and their type of posting style.
These low-life Usenetters [note1], generally without anything of value
to post and lacking the intelligence necessary to do so; they *WILL*
attack [often several trolls and sockpuppets at a time] those posting
viable materials attempting to take over the various groups for their
own usage or to kill the respective group [a personal satisfaction to
these types]; and to discredit viable parties and postings to whatever
extent possible.
There are also those who deliberately post false information with
seemingly legitimate links or arguments, or who actually believe the
"urban myths" regardless of ALL of the materials and arguments
otherwise; it does not, however, change what these people are, the scum
of Usenet and what will bring its ultimate demise.

Please read the below so you might have a better understanding of the
various types of parties [there are other classifications], and what to
expect within Usenet. Here's a hint, if the party posting is using their
REAL name, you can likely, a least, consider their post *might* be of
value, since what they post follows them to their REAL life. Note
though: Usenet is also filled with Identity theft, so look for those
parties including some method of verification of who they are.

Here's a well put idea taken from jonz, a dejanews user/troll's sig
[per a discussion with this entity], who must have forgotten this *was*
the sig being used, unless it was a sub-conscious admission and warning
of what this party is/was:

""Usenet is like a herd of performing elephants with diarrhea - massive,
difficult to redirect, awe-inspiring, entertaining, and a source of
mind-boggling amounts of excrement when you least expect it."
- Gene Spafford,1992"

So here's "the rest of the story" {Paul Harvey's well known keymark
statement}:
http://www.angelfire.com/space/usenet/
http://en.wikipedia.org/wiki/Troll_%28Internet%29
http://en.wikipedia.org/wiki/Sockpuppet_%28Internet%29
http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you%27re_a_dog
http://en.wikipedia.org/wiki/Shill
http://en.wikipedia.org/wiki/Astroturfing
http://en.wikipedia.org/wiki/Hit-and-run_posting
http://en.wikipedia.org/wiki/Lurker
http://en.wikipedia.org/wiki/1%25_rule_%28Internet_culture%29

note1 - Not all Usenetters are trolls or such, but there ARE vast
numbers of them throughout Usenet with apparently nothing better to do
in their miserable and pathetic lives but to use the groups for their
own inexorable and infantile amusement.

You have your facts wrong, once again. I did make an effort to ensure that
people do understand the variables. Specifically, I corrected your
assertion that "*ALL* the other files and their fixes" are required in order
to fix a vulnerability. Drawing attention to such a blatantly and obviously
incorrect assertion may be quite helpful to people working out what they
should, or shouldn't do about this patch.

But how you managed to read that correction as somehow advocating the
installation of the fix is a mystery to me. I think your paranoia has
affected your comprehension. Can you understand how irrational it is to
assume that anyone who disagrees with any part of anything you say is in
full agreement with all the other people who have disagreed with you?
Because that is exactly what you are assuming.

And please don't 'handle' the trolls - there weren't any trolls here until
you started 'handling' them.
--
Jeff Richards
----------------------------------------

"MEB" <MEB-not-here.RemoveThis@hotmail.com> wrote in message
news:OWQ2Yn%23UKHA.4780@TK2MSFTNGP05.phx.gbl...
> Jeff Richards wrote:
>> Perhaps you would like to provide the reference to the post where I
>> recommended installation. I can't find it. Forget the name-calling,
>> leave
>> the histrionics out - just show me the words I used where I recommended
>> installation of these files.
>
> Uniquely, it happens to at present, appear directly below this post of
> yours in the threaded view of this discussion.
>
> Though you do not directly state it should be installed, you make NO
> effort to make sure anyone DOES understand the variables. You spend more
> time attempting to address my handling of *trolls* and *sockpuppets*, or
> is it *you didn't have a clue that is what was occurring*.
> Moreover, you made NO effort, when the immediate reaction by Greg was
> to use your post as a basis TO INSTALL the supposed updates, to correct
> or clarify *your* statement, leaving the impression of your support for
> that activity.
> Were this still a supported OS, I would have made an official complaint
> to Microsoft requesting your removal status as an MVP due to the harm
> and damage from your post.
>
> Let me put it below so you have a reference to work from:
>

Jeff Richards wrote:
> You have your facts wrong, once again. I did make an effort to ensure that
> people do understand the variables. Specifically, I corrected your
> assertion that "*ALL* the other files and their fixes" are required in order
> to fix a vulnerability. Drawing attention to such a blatantly and obviously
> incorrect assertion may be quite helpful to people working out what they
> should, or shouldn't do about this patch.
>
> But how you managed to read that correction as somehow advocating the
> installation of the fix is a mystery to me. I think your paranoia has
> affected your comprehension. Can you understand how irrational it is to
> assume that anyone who disagrees with any part of anything you say is in
> full agreement with all the other people who have disagreed with you?
> Because that is exactly what you are assuming.
>
> And please don't 'handle' the trolls - there weren't any trolls here until
> you started 'handling' them.

Oh, in case you missed it...

The other directed post from me to this posting is your third
opportunity to correct your errors or otherwise clarify your statements.

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

"MEB" <MEB-not-here.TakeThisOut@hotmail.com> wrote in message
news:uIadyqEVKHA.3428@TK2MSFTNGP06.phx.gbl...
> Jeff Richards wrote:
>> You have your facts wrong, once again. <snip>
>
> Really, so explain 98 Guy and Sunny... and why YOU seem to now be
> taking 98 Guy's side ...

Once again, YOU do not get to give orders to anyone on Usenet (or anywhere
else).
Has it dawned on you yet, that posters "on your side" seem to be very
scarce?

How about climbing down off your high horse.

"MEB" <MEB-not-here.DeleteThis@hotmail.com> wrote in message
news:eZX8hEFVKHA.3720@TK2MSFTNGP02.phx.gbl...
> Jeff Richards wrote:
>> You have your facts wrong, once again.<snip>
> The other directed post from me to this posting is your third
> opportunity to correct your errors or otherwise clarify your statements.

You really are a nasty piece of work MEB.
("directed post from me etc.)
Arrogance is high on your "attributes"

On Sat, 24 Oct 2009 12:22:33 +1100, "Jeff Richards"
<JRichards RemoveThis @msn.com.au> wrote:

>You have your facts wrong, once again. I did make an effort to ensure that
>people do understand the variables. Specifically, I corrected your
>assertion that "*ALL* the other files and their fixes" are required in order
>to fix a vulnerability. Drawing attention to such a blatantly and obviously
>incorrect assertion may be quite helpful to people working out what they
>should, or shouldn't do about this patch.
>
>But how you managed to read that correction as somehow advocating the
>installation of the fix is a mystery to me. I think your paranoia has
>affected your comprehension. Can you understand how irrational it is to
>assume that anyone who disagrees with any part of anything you say is in
>full agreement with all the other people who have disagreed with you?
>Because that is exactly what you are assuming.
>

Jeff,
No offense is meant to MEB or anyone else. I am trying to be nice
here.

I did understand your post.


Greg

On Fri, 23 Oct 2009 12:53:12 -0700 (PDT), "PA Bear, MS MVP"
<pabearmvp DeleteThis @gmail.com> wrote:

>Horse hockey! KB974455 applies to IE6 SP1 running in Windows 2000
>*SP4* (only), WinXP SP2 or SP3 (only), and Win2003 SP2 (only).
>
><QP>
>It should be a priority for customers who have older releases of the
>software to migrate to supported releases to prevent potential
>exposure to vulnerabilities.
></QP>
>Source: http://www.microsoft.com/technet/security/bulletin/MS09-054.mspx
>(FAQ)
>
>Translation: If you're worried about security, migrate to WinXP SP3 or
>higher.
>
>

I know this is off topic, isn't Microsoft going to say that even if
the system is secure?

I never had virus, spyware, or adware, unless it was my doing.
That with windows 95, 95 osr2, 98se.

Only 3 instances which were my fault.

With xp original,
I got infected right away, not my fault. Remember people had to use
another OS, to download a patch before the could get online.


Greg

Duplicate posted in both threads.
To find out who is accurate, has Mike Brangiton Retired from
Microsoft (He is MSFT)? May he can look at those files 98guy
mentioned and tell if it would be secure or not for 98se or unsecure
if they were installed. That would settle this disagreement.

Greg

> <QP>
> It should be a priority for customers who have older releases of the
> software to migrate to supported releases to prevent potential
> exposure to vulnerabilities.
> </QP>

What part of the above don't you understand? Thousands of security
vulnerabilites have been identified & patched since updates stopped being
issued for Win9x in July 2006. There's simply no way in h*** that a Win9x
box could be consider secure these days.

[Are you thinking of Mike Bannigan?]


Greg wrote:
> Duplicate posted in both threads.
> To find out who is accurate, has Mike Brangiton Retired from
> Microsoft (He is MSFT)? May he can look at those files 98guy
> mentioned and tell if it would be secure or not for 98se or unsecure
> if they were installed. That would settle this disagreement.

"Greg" <invalid.TakeThisOut@invalid.net> wrote in message
news:7kho00F31quv1U1@mid.individual.net...
> snip <
>
> Jeff,
> No offense is meant to MEB or anyone else. I am trying to be nice
> here.
>
> I did understand your post.
>
>
> Greg
>

Thanks for confirming that, but I had pretty much taken that for granted, as
the point was not complicated, namely that the statement I quoted was simply
incorrect. I have not commented at all on whether or not it is sensible or
useful to install this particular patch - others have done that more than
adequately.
--
Jeff Richards
----------------------------------------