Re: Microsoft Security Bulletin MS00-092

["Forrest J. Cavalier III" <mibsoft () mibsoftware com>]

I dislike this new format of MS security bulletins.

1. First, I am annoyed.  It is more convenient to quick scan
   details in an email, rather than open up a browser.

   There must be many people who still read their email off-line.

   Also MS00-92 did not show as clickable links (because of the
   omission of "http://";), but, maybe I should just be happy that
   I don't have to enable javascript to read the page.

Then I started thinking a little more, and thought
there were some additional problems with providing
just a URL, and few, if any details.

   2. Will this URL work a year from now, with any plain
      HTML browser?

      Microsoft has had a habit of moving things
      around on their web sites, and then not providing
      redirects.

      (They've been better at this recently, to be sure,
      but there was a time that microsoft URLs had a half-life
      of a few months.  And occasionally required enabling
      javascript.)

   3. Will we have to pay to access this URL a year from now?

   4. Will Microsoft announce every correction/clarification in email, or
      will they sometimes update the web page silently (the way they sometimes
      seem to update and pull patches)?

I hope that the original discoverers of these vulnerabilities
continue to publish details, or at least summaries in email.

If I get a vote, I vote to return to the old format.

--
Forrest J. Cavalier III, Mib Software  Voice 570-992-8824

http://www.rocketaware.com/ has over 30,000 links to
source, libraries, functions, applications, and documentation.