The vulnerability announced today in MS06-040 can be remotely exploited to take complete control of a Windows system. Unlike many of Microsoft's other vulnerabilities that are labeled "critical", this one truly is. To make matters worse, according to CERT, they know of working exploit code for this vulnerability. My understanding is that the campus firewall still blocks TCP 139 and 445, so that gives us some limited protection. See http://www.kb.cert.org/vuls/id/650769 for the report from CERT. --Chris ============================================== Chris Wolf Computer Service Manager Agricultural Economics [log in to unmask] Michigan State University 517 353-5017