Two related points: 1. That patch has yet to make it to the Windows Update site, at least not for Windows 2000. You'd think this patch would qualify for Microsoft's "Critical Update" category! 2. Isn't it high time that a "Critical Update" was released to disable the ridiculous "NeverShowExt" and "Hide extensions for known file types" functionalities? I have never met anyone who finds these features useful; and as noted recently on this list, they can confuse the user by masking files which may contain executable content. - Martin. -----Original Message----- Last MS patch Q290108 released with the bulletin MS01-020 opens a new vulnerability. A tricked EML file can confuse the user displaying him a fake downlodaded file name. .... (snip) http://www.kriptopolis.com/cua/20010404.html -- The Information contained in this E-Mail and any subsequent correspondence is private and is intended solely for the intended recipient(s). For those other than the recipient any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be unlawful.