Hi all, Of course, you all know this, but here is a little story for you: A local university recently had network problems. A year ago, they had spent thousands of money on a large expensive firewall, to stop viruses coming in from the outside. Since they had this firewall, they didn't bother to patch any Windows workstations, other than installing the latest service packs (SP4 in the instance of Windows 2000, and SP6A in the instance of NT4). A couple of years ago, whilst I was still there, I asked them what they did regarding internal security of workstations, the answer was that the firewalls would take kare of all this. Anyway, I got a phone call yesterday from someone who still works there, because early yesterday morning, a member of staff (who is still unidentified), plugged in their laptop into the network as normal, not realising they had the virus. Within minutes, over 100 Windows machines were infected with Blaster, shutting each other down, and bringing the entire network into a mess. The technical team spent the whole of yesterday patching the systems up, but also having to ensure the systems that were not switched on were also patched. The frightening thing is, that where I work, the exact same policy is used (i.e, don't patch until the next service pack comes out). Andrew.