ZDNet: Microsoft plugs XP security hole. But of course, most people won't do what is necessary to secure their machines, especially on the consumer front. Zombie XP machines being driven by script kiddies are going to be with us for a long, long time. MS isn't being very helpful, either: they won't release stats on how many people have actually downloaded the patch, and they won't send a reminder email to their customers on the importance of installing it.

What kills me is this bug is yet another buffer overrun. Microsoft has been burned by this same issue so many times in the past, you'd think they would actually do something serious to stop them. It's not that hard, really. But sadly, security on the front end does not appear to be a high priority issue.