"Long-anticipated exploit code targeting the most recent Microsoft RPC vulnerabilities is circulating and may cause a denial-of-service on even patched Windows XP systems, experts said. Other versions of Windows might be vulnerable but haven't been tested.

'This code is a universal exploit, which means that it can be used against any version of Windows that is not patched,' says Aaron Schaub, a security analyst at managed security services provider TruSecure Corp. in Herndon, Va. 'However, there have been unconfirmed reports that it will still work against Windows XP SP1 even with all additional security updates installed.' "

Most people don't need the RPC/DCOM functionality that this code exploits - get a program to turn off the functionality on this page. The program download is here.

Blog comment spam, while certainly not a pest on the scale of its email equivalent, has still made enough of a presence felt for it to be considered a threat. Nobody wants to spend two hours a day cleaning out penis-enlargement ads from their blogs, so the blogosphere's brightest stars have been mulling ways to hit it on the head before it becomes a major problem. Various blacklists have been proposed, along with CAPTCHAs, comment throttling, authentication checks and various others.

Great tips! Wish I had time to implement them especially the comments tip because many spammers are getting in my comments.

Cash Coyne writes:

DELL is using false advertising and not living up to its commitments. Yesterday morning, I and many other people ordered their Dimension 4600 systems based on a special deal for an excellent price. I received a confirmation order which is at the bottom this e-mail.

Today, I received an e-mail saying that there was a "pricing error" and they are not responsible for this and are thus cancelling my order. On top of that, when I called to inquire about the situation, they would not discuss it and would not put anyone on the phone to discuss it. The customer service rep would not even allow me to talk to a supervisor. They would only reference the e-mail address.

In the past, Dell has had a reputation of a good company with good customer service. If I walked into a store and an item was mispriced by it's personnel, then I've always been given that price. I think that DELL should be responsible for meeting the same obligation even though it is in cyberspace.

------- Order Confirmation message follows -------
To: Cash
Subject: Dell Order Confirmation
From: "Dell Inc."
Date sent: Thu, 09 Oct 2003 12:28:09 -0600

Thank you for your order. Here are the final details!

Dear Cash,

We'd like to take this opportunity to thank you again for your order. Below, you will find the amount due for your order, as well as your customer number, order number(s) and estimated shipping date. If you change your order (including, but not limited to, your shipping destination), the amount due for your order may change. Keep this e-mail for your records.

------- Response to pricing error message -------

From: dell.com
To: Cash
Subject: Dimension 4600
Date sent: Fri, 10 Oct 2003 14:41:24 -0500

Dear Valued Customer,

In reference to your order for a Dimension 4600 that you have placed online, it has come to our attention that pricing on your order was in error. Dell cannot be responsible for errors, omissions, or consequences of misuse of site and its functions. Because of this your orders have been cancelled.

The original offer is still valid and has been corrected on the website. Please visit if you wish to replace your order at the correct promotional pricing.

If you have specific questions you can contact us at . We apologize for any inconvenience and thank you for chosing DELL.