i think the MS web page is greatly underplaying the threat, which contradicts what their own security guy is saying to the press. Check out these quotes, the news and patch links are at the bottom, or go to this news.com page which has links to the patch page in it also: < http://news.com.com/2100-7355_3-5156647.html?tag=nefd_top > From the Associated Press: Microsoft, which learned about the flaws more than six months ago from researchers, said the only protective solution was to apply a repairing patch it offered on its Web site. It assessed the threat to computer users as ''critical,'' its highest rating. Microsoft's security guy Stephen Toulouse: A Microsoft security executive, Stephen Toulouse, said the flawed software was ''an extremely deep and pervasive technology in Windows,'' and urged customers to apply the patch immediately. The flaw bears a resemblance to the one that allowed MSBlast to spread in August 2003, said Stephen Toulouse, security program manager at Microsoft's security response center. "It is relatively similar in terms of the number of computers it could affect," he said, adding that the flaw "is in all versions of Windows." Microsoft security executive, Stephen Toulouse, said the flawed software was ''an extremely deep and pervasive technology in Windows,'' and urged customers to apply the patch immediately. Here's what eEye says: ''This is one of the most serious Microsoft vulnerabilities ever released,'' said Marc Maiffret of eEye Digital Security Inc. of Aliso Viejo, Calif., which discovered the new Windows flaws. ''The breadth of systems affected is probably the largest ever. This is something that will let you get into Internet servers, internal networks, pretty much any system.'' Maiffret said some computer systems that control critically important power or water utilities were vulnerable. Maiffret predicted hackers will try to unleash a damaging Internet infection within weeks. Unlike earlier vulnerabilities that spawned such attacks, hackers can exploit the newly disclosed flaws to break into susceptible computers using dozens of methods, making any defense far more difficult. ''The race will be on,'' agreed Marcus Sachs, a former White House adviser on cybersecurity. - (comment here - MS' web page says it's only in NT and up operating system so who knows what's correct - MS contradicting itself) I'll try putting the link to the patch page in brackets here: < http://www.microsoft.com/technet/treeview/?url=/technet/security/ bulletin/MS04-007.asp > AP warning story: < http://www.boston.com/dailynews/041/wash/ Microsoft_warns_consumers_abou:.shtml > < http://news.com.com/2100-7355_3-5156647.html?tag=nefd_top >