(811493)

http://www.microsoft.com/technet/security/bulletin/MS03-013.asp

Buffer Overrun in Windows Kernel Message Handling could Lead to
Elevated Privileges (811493)

Hello,

The information in the "Mitigating factors" section of Microsoft's
bulletin claiming that this vulnerability is not exploitable by e-mail
borne attacks is incorrect. Test exploits have been produced for WWW,
Outlook, and Outlook Express attack scenarios. In each of the cases, the
exploit code runs without further user interaction on the victim system.
Furthermore, no e-mail attachments or any kind of scripting are needed
since the attack can be carried out via a standard HTML. In fact, merely
starting the e-mail program can lead to exploitation because (depending on
configuration) it may automatically open the first new message.

Rather disturbing in http://support.microsoft.com/?kbid=819634
Workaround Method 2: Temporarily Turn Off Real-Time Scanning in Your Antivirus Program !!!

In other words, you might keep the buggy patch without slowing down your system, just allow any virus to mess your system instead !

Is that the new secuerity M$ policy ?

Rgds,

 

JACK

Lovely...just lovely......lets see.....do users install the nice resourse hog patch M$ so lovingly provided to its endeared customers..........then turn off real time scanning...an open the os to one of the many hundred of thousands of viruses.......gee,....oh, but wait....M$ says we can do on demand scans....after infected......hmmmmmmm