Jelmer made this really neat statement: <|>--__--__-- <|> <|>Message: 5 <|>Date: Mon, 07 Jun 2004 04:17:28 +0200 <|>From: Jelmer <[EMAIL PROTECTED]> <|>Subject: RE: [Full-Disclosure] Internet explorer 6 execution of arbitrary <|>code <|> (An analysis of the 180 Solutions Trojan) <|>To: "'Chris Carlson'" <[EMAIL PROTECTED]> <|>Cc: [EMAIL PROTECTED] <|> <|>I haven't installed SP2 yet since I heard a lot of complaints from people <|>who claimed it caused instability, it had memory management issues, some <|>drivers didn't work, security measures a bit too much in your face etc <|> <|>But I reviewed the list of changes sometime back and I concur, it looks <|>very <|>promising, I think in the near future an IE exploit will be a rare <|>occurrence as opposed to a bi weekly event <|> <|>End of Full-Disclosure Digest
My reply: I have the sp2 after attending the Security Summit 2004. I loaded this on my test laptop. Glad I did. I would have been very pissed if I had loaded it on anything else. First off, if you have McAfee or Norton you no longer are able to update using auto. It for sure is for the "home" user. If you're expecting something that you can have a little more control over this is not for you. One thing that I was afraid of and concerned me due to my mobile users was the ability to use VPN. It works well and does give you options to select services for each connection you use. It did not recognize my virus program being loaded nor give me the option to point to it. I think that's due to the McAfee incompatibility in someway I did look for a fix and found this but haven't tried it yet: ______________ The McAfee framework issue is solved easily. Administrative Tools Component Service DCOM conf Framework service Right-click -> properties Set the launch and access permission to Default Restart pc. McAfee will update properly. Seems to be an error in the McAfee installer ________________ Then of course there seems to be a slue of areas from web programs to a warning from Microsoft "that SP2 will break and disrupt existing applications unless specific code rewrites are made at the developer end". http://www.internetnews.com/ent-news/article.php/3322381 I'll test the above for McAfee fix and see if that works. Randall M _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html