If you read it on the Internet, it must be true. The sky is falling! Seriously... it *might* be true. And this once again leads us to the never ending battle of "exploits in a lab environment" vs "exploits in the wild" and the responsibilities of both the reporting party and Microsoft. If the cat is truly out of the bag, you can be sure that some hack is already cranking out code for the script kiddies to download and play with. Otherwise, we wait for another sercurity bulletin and patch as needed. ----- Original Message ----- From: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, September 30, 2002 4:51 PM Subject: [isalist] Microsoft PPTP VPN vulnerability http://www.ISAserver.org Any validity to this? http://www.infoworld.com/articles/hn/xml/02/09/27/020927hnmsvpnflaw.xml http://zdnet.com.com/2100-1105-959659.html