Microsoft's advisory is up: http://www.microsoft.com/technet/security/advisory/2219475.mspx
MSFT says Win Vista and later *not* vulnerable. They offer the workaround of deleting the registry key for the HCP URL handler (HKCR\HCP). They also say the workaround posted in the original article isn't good enough, but don't get into specifics. Thanks again to Susan "SBS Diva" Bradley on the patch-management list for the info. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
