Lik-Sang Out of Business

A truly sad day for gamers:

Important Notice: Lik-Sang.com Out of Business due to Multiple Sony Lawsuits
Tue Oct 24 2006 21:58:51 Hong Kong Time - Corporate Info

FOR IMMEDIATE RELEASE - OUT OF BUSINESS NOTICE

Hong Kong, October 24th of 2006 - Lik-Sang.com, the popular gaming retailer from Hong Kong, has today announced that it is forced to close down due to multiple legal actions brought against it by Sony Computer Entertainment Europe Limited and Sony Computer Entertainment Inc. Sony claimed that Lik-Sang infringed its trade marks, copyright and registered design rights by selling Sony PSP consoles from Asia to European customers, and have recently obtained a judgment in the High Court of London (England) rendering Lik-Sang's sales of PSP consoles unlawful.

As of today, Lik-Sang.com will not be in the position to accept any new orders and will cancel and refund all existing orders that have already been placed. Furthermore, Lik-Sang is working closely with banks and PayPal to refund any store credits held by the company, and the customer support department is taking care of any open transactions such as pending RMAs or repairs and shipping related matters. The staff of Lik-Sang will make sure that nobody will get hurt in the crossfire of this ordeal.

A Sony spokesperson declined to comment directly on the lawsuit against Lik-Sang, but recently went on to tell Gamesindustry.biz that "ultimately, we're trying to protect consumers from being sold hardware that does not conform to strict EU or UK consumer safety standards, due to voltage supply differences et cetera; is not - in PS3's case - backwards compatible with either PS1 or PS2 software; will not play European Blu-Ray movies or DVDs; and will not be covered by warranty".

Lik Sang strongly disagrees with Sony's opinion that their customers need this kind of protection and pointed out that PSP consoles shipped from Lik-Sang contained genuine Sony 100V-240V AC Adapters that carry CE and other safety marks and are compatible world wide. All PSP consoles were in conformity with all EU and UK consumer safety regulations.

Furthermore, Sony have failed to disclose to the London High Court that not only the world wide gaming community in more than 100 countries relied on Lik-Sang for their gaming needs, but also Sony Europe's very own top directors repeatedly got their Sony PSP hard or software imports in nicely packed Lik-Sang parcels with free Lik-Sang Mugs or Lik-Sang Badge Holders, starting just two days after Japan's official release, as early as 14th of December 2004 (more than nine months earlier than the legal action). The list of PSP related Sony Europe orders reads like the who's who of the videogames industry, and includes Ray Maguire (Managing Director, Sony Computer Entertainment Europe Ltd), Alan Duncan (UK Marketing Director, Sony Computer Entertainment Europe Ltd), Chris Sorrell (Creative Director, Sony Computer Entertainment Europe Ltd), Rob Parkin (Development Director, Sony Computer Entertainment Europe Limited), just to name a few.

"Today is Sony Europe victory about PSP, tomorrow is Sony Europe’s ongoing pressure about PlayStation 3. With this precedent set, next week could already be the stage for complaints from Sony America about the same thing, or from other console manufacturers about other consoles to other regions, or even from any publisher about any specific software title to any country they don’t see fit. It’s the beginning of the end... of the World as we know it", stated Pascal Clarysse, formerly known as the Marketing Manager of Lik-Sang.com.

"Blame it on Sony. That's the latest dark spot in their shameful track record as gaming industry leader. The Empire finally 'won', few dominating retailers from the UK probably will rejoice the news, but everybody else in the gaming world lost something today."

"Networking" the right way

I've long been opposed to speaking without having something worthwhile to say (with, of course, the occasional slip). I've also avoided superficial people and connections with them. This coupled with my generally solitary attitude has left me with few "contacts" in any given industry.

a.k.a I'm anti-social to my own detriment.

On a personal note, I've come to the realization that I do want to be connected to more people. I do want to have more friends. I've also come to realize that it will require that I be a better friend. I make it a point to "be there" when my friends need me (not without fail, but I do my best). I had to ask myself, how do they know they can count on me? If I don't see or speak to someone for weeks, months, or even years, what would even make them think to call me?

This is where it coalesces with the professional. In both aspects of my life I've been feeling the need to be more productive. By productive, I mean that I want to be the source of something positive. Be it a sincere ear and a solid shoulder to my friends, or providing programmatic solutions through my technical know how, I want to produce.

Sometimes it takes a statement of what should be the obvious to give the lightbulb that last twist it needed to really connect and light up. My twist came in the form of this post over at businessnetworkingadvice.com (as if the name doesn't say it all :p):
http://businessnetworkingadvice.com/2006/10/merlin-mann-from-43folderscom.html
which I found through a post at 43folders.com:
http://www.43folders.com/2006/10/16/how-to-network/

Below is the text of the interview. Of particular note are the "5 small ideas" for improving networking skills.

Merlin Mann from 43Folders.com - Interview

Merlin Mann is the creator of 43 Folders, a family of websites about personal productivity, which includes a collection of simple ways to make your life a little better.

Merlin makes some interesting points -- I particularly appreciated what he said about doing for others while expecting nothing in return... a hard pill for some to swallow, but those that take this idea to heart will be well ahead of the game if you ask me.

Josh: How do you define Business Networking and why do you feel it is important?

Merlin Mann: Hm. That's a complicated one.

I have to admit that I loathe "networking" in what I take to be the conventional sense of the word -- to leverage friends and strangers for whatever intrinsic value _their_ relationships can bring to oneself.

Consequently, I've always tried to avoid becoming one of those horrible little men who pretends to like everyone for the primary purpose of eventually pressing a crisp new business card into each of their palms while making a vague promise about future synergies and meals. That makes my skin crawl.

Having said that, I finally have grown up enough to realize two things.

First -- people who genuinely like one another usually enjoy introducing each other to _other_ people that they like. That's just human nature. It's a healthy habit and it spreads interesting connections and ideas.

Second, the heart of ethical and humane networking means _not_ asking favors of others, but instead frequently doing unrequested propers for _others_. And expecting zilch in return.

So I guess networking, in an ideal world, just means you help your friends meet cool people as you do nice things for them. I can get behind that.

But the grinning bearers of business cards who clearly want to put your soul in a Bell jar on their desk? I can still do without them.

Josh: Can you share one idea that someone could put into practice that would help them to improve their business networking skills?

Merlin Mann: No but I will share 5 very short ones.

1. try not to lie or mislead
2. always accept "no" (esp. when people want to be left alone)
3. don't treat your friends like either hookers, agents, or trading cards
4. never be afraid to dislike people who deserve to be disliked
5. accept that a lot of people in life think you're a d#@chebag, then move on

--Visit Merlin Mann at www.43folders.com.

FYI: I provide links to sources because I think it would be wrong not to. I include the text because a random 404 should keep anyone from good info.

Security Update for Windows XP (KB924496): Thanks for all the links

An example of the steps required to see what actually migh be happening in to your system.

Security Update for Windows XP (KB924496)
Typical download size: 495 KB , less than 1 minute
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...


Thats not very informative, so click Details...

Security Update for Windows XP (KB924496)
Date last published: 10/10/2006
Typical download size: 495 KB
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
System Requirements
Recommended CPU: Not specified.
Recommended memory: Not specified.
Recommended hard disk space: Not specified.
How to Uninstall
This software update can be removed via Add or Remove Programs in Control Panel.
Get help and support
http://support.microsoft.com
More information
http://go.microsoft.com/fwlink/?LinkId=73851


Still not telling me ver much. Look another link.

Microsoft Security Bulletin MS06-065
Vulnerability in Windows Object Packager Could Allow Remote Execution (924496)
Published: October 10, 2006

Version: 1.0

Summary
Who Should Read this Document: Customers who use Microsoft Windows

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Moderate

Recommendation: Customers should consider applying the security update.

Security Update Replacement: None

Caveats: None

Tested Software and Security Update Download Locations:

Affected Software:

• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 — Download the update

• Microsoft Windows XP Professional x64 Edition — Download the update

• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 — Download the update

• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems — Download the update

• Microsoft Windows Server 2003 x64 Edition — Download the update


Non-Affected Software:

• Microsoft Windows 2000 Service Pack 4


The software in this list has been tested to determine whether the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support life cycle for your product and version, visit the Microsoft Support Lifecycle Web site.

Note The security updates for Microsoft Windows Server 2003, Windows Server 2003 Service Pack 1, and Windows Server 2003 x64 Edition also apply to Windows Server 2003 R2.

Top of section
General Information
Executive Summary

Executive Summary:

This update resolves a newly discovered, privately reported, vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. However, significant user interaction is required to exploit this vulnerability.

Customers should consider applying the security update

Severity Ratings and Vulnerability Identifiers:

Vulnerability Identifiers Impact of Vulnerability Windows XP Service Pack 1 Windows XP Service Pack 2 Windows Server 2003 Windows Server 2003 Service Pack 1
Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692
Remote Code Execution
Moderate
Moderate
Low
Low


This assessment is based on the types of systems that are affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them.

Note The security updates for Windows Server 2003, Windows Server 2003 Service Pack 1, and Windows Server 2003 x64 Edition also apply to Windows Server 2003 R2.

Note The severity ratings for non-x86 operating system versions map to the x86 operating systems versions as follows:

• The Windows XP Professional x64 Edition severity rating is the same as the Windows Server 2003 Service Pack 1.

• The Windows Server 2003 for Itanium-based Systems severity rating is the same as the Windows Server 2003 severity rating.

• The Windows Server 2003 with SP1 for Itanium-based Systems severity rating is the same as the Windows Server 2003 Service Pack 1 severity rating.

• The Windows Server 2003 x64 Edition severity rating is the same as the Windows Server 2003 Service Pack 1 severity rating.


Top of section
Frequently Asked Questions (FAQ) Related to This Security Update

Extended security update support for Microsoft Windows 98, Windows 98 Second Edition, or Windows Millennium Edition ended on July 11, 2006. I am still using one of these operating systems; what should I do?
Windows 98, Windows 98 Second Edition, and Windows Millennium Edition have reached the end of their support life cycles. It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities. For more information about the Windows Product Lifecycle, visit the following Microsoft Support Lifecycle Web site. For more information about the extended security update support period for these operating system versions, visit the Microsoft Product Support Services Web site.Extended security update support for Microsoft Windows NT Workstation 4.0 Service Pack 6a and Windows 2000 Service Pack 2 ended on June 30, 2004. Extended security update support for Microsoft Windows NT Server 4.0 Service Pack 6a ended on December 31, 2004. Extended security update support for Microsoft Windows 2000 Service Pack 3 ended on June 30, 2005. I am still using one of these operating systems; what should I do?
Windows NT Workstation 4.0 Service Pack 6a, Windows NT Server 4.0 Service Pack 6a, Windows 2000 Service Pack 2, and Windows 2000 Service Pack 3 have reached the end of their support life cycles. It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities. For more information about the Windows Product Lifecycle, visit the following Microsoft Support Lifecycle Web site. For more information about the extended security update support period for these operating system versions, visit the Microsoft Product Support Services Web site.

Customers who require custom support for these products must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, visit the Microsoft Worldwide Information Web site, select the country, and then click Go to see a list of telephone numbers. When you call, ask to speak with the local Premier Support sales manager. For more information, see the Windows Operating System Product Support Lifecycle FAQ.

Can I use the Microsoft Baseline Security Analyzer (MBSA) to determine whether this update is required?
The following table provides the MBSA detection summary for this security update.

Product MBSA 1.2.1 MBSA 2.0
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Yes
Yes

Microsoft Windows XP Professional x64 Edition
No
Yes

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Yes
Yes

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
No
Yes

Microsoft Windows Server 2003 x64 Edition family
No
Yes


For more information about MBSA, visit the MBSA Web site. For more information about the programs that Microsoft Update and MBSA 2.0 currently do not detect, see Microsoft Knowledge Base Article 895660.

For more detailed information, see Microsoft Knowledge Base Article 910723.

Can I use Systems Management Server (SMS) to determine whether this update is required?
The following table provides the SMS detection summary for this security update.

Product SMS 2.0 SMS 2003
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Yes
Yes

Microsoft Windows XP Professional x64 Edition
No
Yes

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Yes
Yes

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
No
Yes

Microsoft Windows Server 2003 x64 Edition family
No
Yes


SMS 2.0 and SMS 2003 Software Update Services (SUS) Feature Pack can use MBSA 1.2.1 for detection and therefore have the same limitation that is listed earlier in this bulletin related to programs that MBSA 1.2.1 does not detect.

For more information about SMS, visit the SMS Web site.

For more detailed information, see Microsoft Knowledge Base Article 910723.

Top of section
Vulnerability Details

Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692:

A remote code execution vulnerability exists in Windows Object Packager because of the way that file extensions are handled. An attacker could exploit the vulnerability by constructing a specially crafted file that could potentially allow remote code execution if a user visited a specially crafted Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.

Mitigating Factors for Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692:

• In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. After they click the link, they would be prompted to perform several actions. An attack could only occur after they performed these actions.

• By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode mitigates this vulnerability. See the FAQ section of this security update for more information about Internet Explorer Enhanced Security Configuration.


Top of section
Workarounds for Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692:

We have not identified any workarounds for this vulnerability.

Top of section
FAQ for Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692:

What is the scope of the vulnerability?
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In order to exploit the vulnerability the user would have to open an .rtf file and then click on an embedded object within the file. After clicking on the object the user would then have to click on the embedded object within the file and accept a misleading dialogue indicating that the user is about access a different file type.

What causes the vulnerability?
Improper handling of files by Object Packager.

What is Object Packager?
Object Packager is a tool that can be used to create a package that can inserted into a file. For more information about Object Packager, visit the following Microsoft Product Documentation.

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could take complete control of the affected system.

Who could exploit the vulnerability?
Any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability.

In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to attempt to exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

How could an attacker exploit the vulnerability?
An attacker could try to exploit the vulnerability by creating a specially crafted file and sending the file to a user on an affected system in email our by having them click on a link to receive the file. Once the file is received the user would then have to click on the embedded object within the file and accept a misleading dialogue indicating that the user is about access a different file type. The file could then cause the affected system to execute code.

What systems are primarily at risk from the vulnerability?
This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities.

I am running Internet Explorer on Windows Server 2003. Does this mitigate this vulnerability?
Yes. By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode mitigates this vulnerability.

What is the Internet Explorer Enhanced Security Configuration?
Internet Explorer Enhanced Security Configuration is a group of preconfigured Internet Explorer settings that reduce the likelihood of a user or of an administrator downloading and running specially crafted Web content on a server. Internet Explorer Enhanced Security Configuration reduces this risk by modifying many security-related settings. This includes the settings on the Security tab and the Advanced tab in the Internet Options dialog box. Some of the important modifications include the following:

• Security level for the Internet zone is set to High. This setting disables scripts, ActiveX controls, Microsoft Java Virtual Machine (MSJVM), and file downloads.

• Automatic detection of intranet sites is disabled. This setting assigns all intranet Web sites and all Universal Naming Convention (UNC) paths that are not explicitly listed in the Local intranet zone to the Internet zone.

• Install On Demand and non-Microsoft browser extensions are disabled. This setting prevents Web pages from automatically installing components and prevents non-Microsoft extensions from running.

• Multimedia content is disabled. This setting prevents music, animations, and video clips from running.


For more information regarding Internet Explorer Enhanced Security Configuration, see the guide, Managing Internet Explorer Enhanced Security Configuration, at the following Web site.

What does the update do?
The update removes the vulnerability by modifying the way that Windows Explorer handles Object Packager files so that the file type of the packaged file is accurately displayed.

When this security bulletin was issued, had this vulnerability been publicly disclosed?
No. Microsoft received information about this vulnerability through responsible disclosure.

When this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited?
No. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this security bulletin was originally issued.

Top of section
Top of section
Top of section
Security Update Information

Affected Software:

For information about the specific security update for your affected software, click the appropriate link:

Windows XP (all versions)

Prerequisites
This security update requires Microsoft Windows XP Service Pack 1 or a later version. For more information, see Microsoft Knowledge Base Article 322389.

Inclusion in Future Service Packs
The update for this issue will be included in a future Service Pack or Update Rollup.

Installation Information

This security update supports the following setup switches.

Supported Security Update Installation Switches
Switch Description
/help
Displays the command-line options.

Setup Modes
/passive
Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.

/quiet
Quiet mode. This is the same as unattended mode, but no status or error messages are displayed.

Restart Options
/norestart
Does not restart when installation has completed.

/forcerestart
Restarts the computer after installation and forces other applications to close at shutdown without saving open files first.

/warnrestart[:x]
Displays a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.

/promptrestart
Display a dialog box prompting the local user to allow a restart.

Special Options
/overwriteoem
Overwrites OEM files without prompting.

/nobackup
Does not back up files needed for uninstallation.

/forceappsclose
Forces other programs to close when the computer shuts down.

/log:path
Allows the redirection of installation log files.

/integrate:path
Integrates the update into the Windows source files. These files are located at the path that is specified in the switch.

/extract[:path]
Extracts files without starting the Setup program.

/ER
Enables extended error reporting.

/verbose
Enables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly.


Note You can combine these switches into one command. For backward compatibility, the security update also supports the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. For more information about the Update.exe installer, visit the Microsoft TechNet Web site.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Microsoft Windows XP:

Windowsxp-KB924496-x86-enu /quiet

Note Use of the /quiet switch will suppress all messages. This includes suppressing failure messages. Administrators should use one of the supported methods to verify the installation was successful when they use the /quiet switch. Administrators should also review the KB924496.log file for any failure messages when they use this switch.

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows XP:

Windowsxp-KB924496-x86-enu /norestart

For information about how to deploy this security update by using Software Update Services, visit the Software Update Services Web site. For more information about how to deploy this security update using Windows Server Update Services, visit the Windows Server Update Services Web site. This security update will also be available through the Microsoft Update Web site.

Restart Requirement

You must restart your system after you apply this security update..

Removal Information

To remove this security update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB924496$\Spuninst folder.

Supported Spuninst.exe Switches
Switch Description
/help
Displays the command-line options.

Setup Modes
/passive
Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.

/quiet
Quiet mode. This is the same as unattended mode, but no status or error messages are displayed.

Restart Options
/norestart
Does not restart when installation has completed.

/forcerestart
Restarts the computer after installation and forces other applications to close at shutdown without saving open files first.

/warnrestart[:x]
Displays a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.

/promptrestart
Display a dialog box prompting the local user to allow a restart.

Special Options
/forceappsclose
Forces other programs to close when the computer shuts down.

/log:path
Allows the redirection of installation log files.


File Information

The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Windows XP Home Edition Service Pack 1, Windows XP Professional Service Pack 1, Windows XP Tablet PC Edition, Windows XP Media Center Edition, Windows XP Home Edition Service Pack 2, Windows XP Professional Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows XP Media Center Edition 2005:

File Name Version Date Time Size Folder
Browseui.dll
6.0.2800.1892
04-Sep-2006
06:23
1,027,072
SP1QFE

Shdocvw.dll
6.0.2800.1892
04-Sep-2006
06:23
1,351,680
SP1QFE

Shdocvw.dll
6.0.2900.2987
04-Sep-2006
06:08
1,494,016
SP2GDR

Shdocvw.dll
6.0.2900.2987
04-Sep-2006
06:12
1,497,088
SP2QFE


Windows XP Professional x64:

File Name Version Date Time Size CPU Folder
Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:57
2,436,096
x64
SP1GDR

Wshdocvw.dll
6.0.3790.2783
04-Sep-2006
06:58
1,513,984
x86
SP1GDR\WOW

Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:55
2,437,120
x64
SP1QFE

Wshdocvw.dll
6.0.3790.2783
04-Sep-2006
06:55
1,515,008
x86
SP1QFE\WOW


Notes When you install these security updates, the installer checks to see if one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about the Update.exe installer, visit the Microsoft TechNet Web site.

For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684.

Verifying that the Update Has Been Applied

• Microsoft Baseline Security Analyzer

To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the frequently asked question, “Can I use the Microsoft Baseline Security Analyzer (MBSA) to determine whether this update is required?” in the section, Frequently Asked Questions (FAQ) Related to This Security Update, earlier in this bulletin.

• File Version Verification

Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.

1.
Click Start, and then click Search.

2.
In the Search Results pane, click All files and folders under Search Companion.

3.
In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.

4.
In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

Note Depending on the version of the operating system or programs installed, some of the files that are listed in the file information table may not be installed.

5.
On the Version tab, determine the version of the file that is installed on your computer by comparing it to the version that is documented in the appropriate file information table.

Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.


• Registry Key Verification

You may also be able to verify the files that this security update has installed by reviewing the following registry keys.

For Windows XP Home Edition Service Pack 1, Windows XP Professional Service Pack 1, Windows XP Tablet PC Edition, Windows XP Media Center Edition, Windows XP Home Edition Service Pack 2, Windows XP Professional Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows XP Media Center Edition 2005:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB924496\Filelist

For Windows XP Professional x64 Edition:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP Version 2003\SP2\KB924496\Filelist

Note These registry keys may not contain a complete list of installed files. Also, these registry keys may not be created correctly if an administrator or an OEM integrates or slipstreams the security update into the Windows installation source files.


Top of section
Windows Server 2003 (all versions)

Prerequisites
This security update requires Windows Server 2003 or Windows Server 2003 Service Pack 1.

Note The security updates for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 also apply to Microsoft Windows Server 2003 R2.

Inclusion in Future Service Packs
The update for this issue will be included in future Service Pack or Update Rollup.

Installation Information

This security update supports the following setup switches.

Supported Security Update Installation Switches
Switch Description
/help
Displays the command-line options.

Setup Modes
/passive
Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.

/quiet
Quiet mode. This is the same as unattended mode, but no status or error messages are displayed.

Restart Options
/norestart
Does not restart when installation has completed.

/forcerestart
Restarts the computer after installation and forces other applications to close at shutdown without saving open files first.

/warnrestart[:x]
Displays a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.

/promptrestart
Display a dialog box prompting the local user to allow a restart.

Special Options
/overwriteoem
Overwrites OEM files without prompting.

/nobackup
Does not back up files needed for uninstallation.

/forceappsclose
Forces other programs to close when the computer shuts down.

/log: path
Allows the redirection of installation log files.

/integrate:path
Integrates the update into the Windows source files. These files are located at the path that is specified in the switch.

/extract[:path]
Extracts files without starting the Setup program.

/ER
Enables extended error reporting.

/verbose
Enables verbose logging. During installation, creates %Windir%\CabBuild.log. This log details the files that are copied. Using this switch may cause the installation to proceed more slowly.


Note You can combine these switches into one command. For backward compatibility, the security update also supports many of the setup switches that the earlier version of the Setup program uses. For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. For more information about the Update.exe installer, visit the Microsoft TechNet Web site.

Deployment Information

To install the security update without any user intervention, use the following command at a command prompt for Windows Server 2003:

Windowsserver2003-KB924496-x86-enu /quiet

Note Use of the /quiet switch will suppress all messages. This includes suppressing failure messages. Administrators should use one of the supported methods to verify the installation was successful when they use the /quiet switch. Administrators should also review the KB924496.log file for any failure messages when they use this switch.

To install the security update without forcing the system to restart, use the following command at a command prompt for Windows Server 2003:

Windowsserver2003-KB924496-x86-enu /norestart

For information about how to deploy this security update by using Software Update Services, visit the Software Update Services Web site. For more information about how to deploy this security update using Windows Server Update Services, visit the Windows Server Update Services Web site. This security update will also be available through the Microsoft Update Web site.

Restart Requirement

You must restart your system after you apply this security update.

This security update does not support HotPatching. For more information about HotPatching, see Microsoft Knowledge Base Article 897341.

Note Not all security updates support HotPatching, and some security updates that support HotPatching might require that you restart the server after you install the security update. HotPatching is only supported if the files being replaced by the security update are General Distribution Release (GDR) files. HotPatching is not supported if you have previously installed a hotfix to update one of the files included in the security update. For more information about this behavior, see Microsoft Knowledge Base Article 897341and Microsoft Knowledge Base Article 824994.

Removal Information

To remove this update, use the Add or Remove Programs tool in Control Panel.

System administrators can also use the Spuninst.exe utility to remove this security update. The Spuninst.exe utility is located in the %Windir%\$NTUninstallKB924496$\Spuninst folder.

Supported Spuninst.exe Switches
Switch Description
/help
Displays the command-line options.

Setup Modes
/passive
Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds.

/quiet
Quiet mode. This is the same as unattended mode, but no status or error messages are displayed.

Restart Options
/norestart
Does not restart when installation has completed.

/forcerestart
Restarts the computer after installation and forces other applications to close at shutdown without saving open files first.

/warnrestart[:x]
Displays a dialog box with a timer warning the user that the computer will restart in x seconds. (The default setting is 30 seconds.) Intended for use with the /quiet switch or the /passive switch.

/promptrestart
Display a dialog box prompting the local user to allow a restart.

Special Options
/forceappsclose
Forces other programs to close when the computer shuts down.

/log:path
Allows the redirection of installation log files.


File Information

The English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Windows Server 2003, Web Edition; Windows Server 2003, Standard Edition; Windows Server 2003, Datacenter Edition; Windows Server 2003, Enterprise Edition; Windows Small Business Server 2003; Windows Server 2003, Web Edition with SP1; Windows Server 2003, Standard Edition with SP1; Windows Server 2003, Enterprise Edition with SP1; Windows Server 2003, Datacenter Edition with SP1; Windows Server 2003 R2, Web Edition; Windows Server 2003 R2, Standard Edition; Windows Server 2003 R2, Datacenter Edition; Windows Server 2003 R2, Enterprise Edition; Windows Small Business Server 2003 R2:

File Name Version Date Time Size CPU Folder
Shdocvw.dll
6.0.3790.588
04-Sep-2006
06:09
1,398,272
x86
RTMGDR

Browseui.dll
6.0.3790.550
23-Jun-2006
20:54
1,057,280
x86
RTMQFE

Shdocvw.dll
6.0.3790.588
04-Sep-2006
06:14
1,399,296
x86
RTMQFE

Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:27
1,513,984
x86
SP1GDR

Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:31
1,515,008
x86
SP1QFE


Windows Server, 2003 Enterprise Edition for Itanium-based Systems; Windows Server 2003, Datacenter Edition for Itanium-based Systems; Windows Server 2003, Enterprise Edition with SP1 for Itanium-based Systems; and Windows Server 2003, Datacenter Edition with SP1 for Itanium-based Systems:

File Name Version Date Time Size CPU Folder
Shdocvw.dll
6.0.3790.588
04-Sep-2006
06:55
3,375,104
IA-64
RTMGDR

Wshdocvw.dll
6.0.3790.588
04-Sep-2006
06:55
1,398,272
x86
RTMGDR\WOW

Browseui.dll
6.0.3790.550
04-Sep-2006
06:55
2,538,496
IA-64
RTMQFE

Shdocvw.dll
6.0.3790.588
04-Sep-2006
06:55
3,381,248
IA-64
RTMQFE

Wbrowseui.dll
6.0.3790.550
04-Sep-2006
06:55
1,057,280
x86
RTMQFE\WOW

Wshdocvw.dll
6.0.3790.588
04-Sep-2006
06:55
1,399,296
x86
RTMQFE\WOW

Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:59
3,677,696
IA-64
SP1GDR

Wshdocvw.dll
6.0.3790.2783
04-Sep-2006
06:59
1,513,984
x86
SP1GDR\WOW

Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:55
3,678,720
IA-64
SP1QFE

Wshdocvw.dll
6.0.3790.2783
04-Sep-2006
06:55
1,515,008
x86
SP1QFE\WOW


Windows Server 2003, Standard x64 Edition; Windows Server 2003, Enterprise x64 Edition; and Windows Server 2003, Datacenter x64 Edition; Windows Server 2003 R2, Standard x64 Edition; Windows Server 2003 R2, Enterprise x64 Edition; and Windows Server 2003 R2, Datacenter x64 Edition:

File Name Version Date Time Size CPU Folder
Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:57
2,436,096
x64
SP1GDR

Wshdocvw.dll
6.0.3790.2783
04-Sep-2006
06:58
1,513,984
x86
SP1GDR\WOW

Shdocvw.dll
6.0.3790.2783
04-Sep-2006
06:55
2,437,120
x64
SP1QFE

Wshdocvw.dll
6.0.3790.2783
04-Sep-2006
06:55
1,515,008
x86
SP1QFE\WOW


Notes When you install these security updates, the installer checks to see if one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

If you have previously installed a hotfix to update one of these files, the installer copies the RTMQFE, SP1QFE, or SP2QFE files to your system. Otherwise, the installer copies the RTMGDR, SP1GDR, or SP2GDR files to your system. Security updates may not contain all variations of these files. For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about this behavior, see Microsoft Knowledge Base Article 824994.

For more information about the Update.exe installer, visit the Microsoft TechNet Web site.

For more information about the terminology that appears in this bulletin, such as hotfix, see Microsoft Knowledge Base Article 824684.

Verifying that the Update Has Been Applied

• Microsoft Baseline Security Analyzer

To verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. See the frequently asked question, “Can I use the Microsoft Baseline Security Analyzer (MBSA) to determine whether this update is required?” in the section, Frequently Asked Questions (FAQ) Related to This Security Update, earlier in this bulletin.

• File Version Verification

Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.

1.
Click Start, and then click Search.

2.
In the Search Results pane, click All files and folders under Search Companion.

3.
In the All or part of the file name box, type a file name from the appropriate file information table, and then click Search.

4.
In the list of files, right-click a file name from the appropriate file information table, and then click Properties.

Note Depending on the version of the operating system or programs installed, some of the files that are listed in the file information table may not be installed.

5.
On the Version tab, determine the version of the file that is installed on your computer by comparing it to the version that is documented in the appropriate file information table.

Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update has been applied. Also, in certain cases, files may be renamed during installation. If the file or version information is not present, use one of the other available methods to verify update installation.


• Registry Key Verification

You may also be able to verify the files that this security update has installed by reviewing the following registry keys.

Windows Server 2003, Web Edition; Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition; Windows Small Business Server 2003; Windows Server 2003, Web Edition with SP1; Windows Server 2003, Standard Edition with SP1; Windows Server 2003, Enterprise Edition with SP1; Windows Server 2003, Datacenter Edition with SP1; Windows Server 2003, Enterprise Edition for Itanium-based Systems; Windows Server 2003, Datacenter Edition for Itanium-based Systems; Windows Server 2003, Enterprise Edition with SP1 for Itanium-based Systems; Windows Server 2003, Datacenter Edition with SP1 for Itanium-based Systems; Windows Server 2003, Standard x64 Edition; Windows Server 2003, Enterprise x64 Edition; and Windows Server 2003, Datacenter x64 Edition:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP2\KB924496\Filelist

Note This registry key may not contain a complete list of installed files. Also, this registry key may not be created correctly if an administrator or an OEM integrates or slipstreams the security update into the Windows installation source files.


Top of section
Top of section
Acknowledgments

Microsoft thanks the following for working with us to help protect customers:

• Andreas Sandblad of Secunia Research for reporting the Object Packager Dialogue Spoofing Vulnerability - CVE-2006-4692


Obtaining Other Security Updates:

Updates for other security issues are available at the following locations:

• Security updates are available at the Microsoft Download Center. You can find them most easily by doing a keyword search for "security_patch."

• Updates for consumer platforms are available at the Microsoft Update Web site.


Support:

• Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

• International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.


Security Resources:

• The Microsoft TechNet Security Web site provides additional information about security in Microsoft products.

• TechNet Update Management Center

• Microsoft Software Update Services

• Microsoft Windows Server Update Services

• Microsoft Baseline Security Analyzer (MBSA)

• Windows Update

• Microsoft Update

• Windows Update Catalog: For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166.

• Office Update


Software Update Services:

By using Microsoft Software Update Services (SUS), administrators can quickly and reliably deploy the latest critical updates and security updates to Windows 2000 and Windows Server 2003-based servers, and to desktop systems that are running Windows 2000 Professional or Windows XP Professional.

For more information about how to deploy security updates by using Software Update Services, visit the Software Update Services Web site.

Windows Server Update Services:

By using Windows Server Update Services (WSUS), administrators can quickly and reliably deploy the latest critical updates and security updates for Windows 2000 operating systems and later, Office XP and later, Exchange Server 2003, and SQL Server 2000 onto Windows 2000 and later operating systems.

For more information about how to deploy security updates using Windows Server Update Services, visit the Windows Server Update Services Web site.

Systems Management Server:

Microsoft Systems Management Server (SMS) delivers a highly configurable enterprise solution for managing updates. By using SMS, administrators can identify Windows-based systems that require security updates and can perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users. For more information about how administrators can use SMS 2003 to deploy security updates, visit the SMS 2003 Security Patch Management Web site. SMS 2.0 users can also use Software Updates Service Feature Pack to help deploy security updates. For information about SMS, visit the SMS Web site.

Note SMS uses the Microsoft Baseline Security Analyzer, the Microsoft Office Detection Tool, and the Enterprise Update Scan Tool to provide broad support for security bulletin update detection and deployment. Some software updates may not be detected by these tools. Administrators can use the inventory capabilities of the SMS in these cases to target updates to specific systems. For more information about this procedure, visit the following Web site. Some security updates require administrative rights following a restart of the system. Administrators can use the Elevated Rights Deployment Tool (available in the SMS 2003 Administration Feature Pack and in the SMS 2.0 Administration Feature Pack) to install these updates.

Disclaimer:

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions:

• V1.0 (October 10, 2006): Bulletin published.

That was way too much clicking for 1 out of 8 updates. Why did I have to go through 2 extra pages just to find out it was an Object Packager Vulnerability?

Olbermann demands an end to Bush's lies...

TRANSCRIPT OF MSNBC'S KEITH OLBERMANN'S SPECIAL COMMENT ON LYING (taken form Oct 5 transcript): And lastly tonight, a special comment about lying. While the leadership in Congress has self-destructed over the revelations of an unmatched, and unrelieved, march through a cesspool... While the leadership inside the White House has self-destructed over the revelations of a book with a glowing red cover... The president of the United States—unbowed, undeterred and unconnected to reality—has continued his extraordinary trek through our country rooting out the enemies of freedom: The Democrats. Yesterday at a fundraiser for an Arizona congressman, Mr. Bush claimed, “177 of the opposition party said, ‘You know, we don‘t think we ought to be listening to the conversations of terrorists.‘” The hell they did. A hundred seventy-seven Democrats opposed the president‘s seizure of yet another part of the Constitution. Not even the White House press office could actually name a single Democrat who had ever said the government shouldn‘t be listening to the conversations of terrorists. President Bush hears what he wants. Tuesday, at another fundraiser in California, he had said that, “Democrats take a law enforcement approach to terrorism. That means America will wait until we‘re attacked again before we respond.” Mr. Bush fabricated that, too. And evidently he has begun to fancy himself as a mind reader. “If you listen closely to some of the leaders of the Democratic Party,” the president said at yet another fundraiser, Monday in Nevada, “it sounds like they think the best way to protect the American people is, wait until we‘re attacked again.” The president does not just hear what he wants, he hears things that only he can hear. It defies belief that this president and his administration could continue to find new unexplored political gutters into which they could wallow. Yet they do. It is startling enough that such things could be said out loud by any president in this nation‘s history. Rhetorically, it is about an inch short of Mr. Bush accusing Democratic leaders, Democrats, the majority of Americans who disagree with his policies of treason. But it is the context that truly makes the head spin. Just 25 days ago, on the fifth anniversary of the 9/11 attacks, this same man spoke to this nation and insisted, “We must put aside our differences and work together to meet the test that history has given us.” Mr. Bush, this is a test you have already failed. If your commitment to “put aside differences and work together” is replaced in the span of merely three weeks by claiming your political opponents prefer to wait to see this country attacked again, and by spewing fabrications about what they‘ve said, then the questions your critics need to be asking are no longer about your policies. They are, instead, solemn and even terrible questions, about your fitness to fulfill the responsibilities of your office. No Democrat, sir, has ever said anything approaching the suggestion that the best means of self-defense is to “wait until we‘re attacked again.” No critic, no commentator, no reluctant Republican in the Senate has ever said anything that any responsible person could even have exaggerated into the slander you spoke in Nevada on Monday night, nor the slander you spoke in California on Tuesday, nor the slander you spoke in Arizona on Wednesday—nor whatever is next. You have dishonored your party, sir; you have dishonored your supporters; you have dishonored yourself. But tonight the stark question we must face is—why? Why has the ferocity of your venom against the Democrats now exceeded the ferocity of your venom against the terrorists? Why have you chosen to go down in history as the president who made things up? In less than one month you have gone from a flawed call to unity to this clarion call to hatred of Americans, by Americans. If this is not simply the most shameless example of the rhetorical of political hackery, then it would have to be the cry of a leader crumbling under the weight of his own lies. We have, of course, survived all manner of political hackery, of every shape, size and party. We will have to suffer it for as long as the Republic stands. But the premise of a president who comes across as a compulsive liar is nothing less than terrifying. A president who since 9/11 will not listen, is not listening—and thanks to Bob Woodward‘s most recent account—evidently has never listened. A president who since 9/11 so hates or fears other Americans that he accuses them of advocating deliberate inaction in the face of the enemy. A president who since 9/11 has savaged the very freedoms he claims to be protecting from attack - attack by terrorists, or by Democrats, or by both? It‘s now impossible to find a consistent thread of logic as to who Mr. Bush believes the enemy truly is. But if we know one thing for certain about President Bush, it is this: This president—in his bullying of the Senate last month and in his slandering of the Democrats this month—has shown us that he believes whoever the enemies actually are, they are hiding themselves inside a dangerous cloak called the Constitution of the United States of America. How often do we find priceless truth in the unlikeliest of places? I tonight quote not Jefferson nor Voltaire, but “Cigar Aficionado” magazine. “On Sept. 11th, 2003, the editor of that publication interviewed General Tommy Franks, at that point, just retired from his post as commander-in-chief of U.S. Central Command—of CENTCOM. And amid his quaint defenses of the then nagging absences of weapons of mass destruction in Iraq, and the continuing freedom of Osama bin Laden, General Franks said some of the most profound words of this generation. He spoke of “the worst thing that can happen” to this country: First, quoting, a “massive casualty-producing event somewhere in the Western World -- it may be in the United States of America.” Then, the general continued, “The Western World, the free world, loses what it cherishes most, and that is freedom and liberty we‘ve seen for a couple of hundred years, in this grand experiment that we call democracy.” It was this super-patriotic warrior‘s fear that we would lose that most cherished liberty, because of another attack, one—again quoting General Franks—“that causes our population to question our own Constitution and to begin to militarize our country in order to avoid a repeat of another mass-casualty-producing event. Which, in fact, then begins to potentially unravel the fabric of our Constitution.” And here we are, the fabric of our Constitution being unraveled, anyway. Habeas corpus neutered; the rights of self-defense now as malleable and impermanent as clay; a president stifling all critics by every means available and, when he runs out of those, by simply lying about what they said or felt. And all this, even without the dreaded attack. General Franks, like all of us, loves this country, and believes not just in its values, but in its continuity. He has been trained to look for threats to that continuity from without. He has, perhaps been as naive as the rest of us, in failing to keep close enough vigil on the threats to that continuity from within. Secretary of State Rice first cannot remember urgent cautionary meetings with counter-terrorism officials before 9/11. Then within hours of that lie, her spokesman confirms the meetings in question. Then she dismisses those meetings as nothing new, yet insists she wanted the same cautions expressed to Secretaries Ashcroft and Rumsfeld. Mr. Rumsfeld, meantime, has been unable to accept the most logical and simple influence of the most noble and neutral of advisers. He and his employer insist they rely on the “generals in the field.” But dozens of those generals have now come forward to say how their words, their experiences, have been ignored. And, of course, inherent in the Pentagon‘s war-making functions is the regulation of presidential war lust. Enacting that regulation should include everything up to symbolically wrestling the Chief Executive to the floor in necessary. Yet—and it is Pentagon transcripts that now tell us this—evidently Mr. Rumsfeld‘s strongest check on Mr. Bush‘s ambitions, was to get someone to excise the phrase “Mission Accomplished” out of the infamous Air Force Carrier speech of May 1, 2003, even while the same empty words hung on a banner over the President‘s shoulder. And the vice president is a chilling figure, still unable, it seems, to accept the conclusions of his own party‘s leaders in the Senate, that the foundations of his public position, are made out of sand. There were no weapons of mass destruction in Iraq, but he still says so. There was no link between Saddam Hussein and al Qaeda, but he still says so. And thus, gripping firmly these figments of his own imagination, Mr. Cheney lives on, in defiance, and spreads around him and before him, darkness, like some contagion of fear. They are never wrong, and they never regret—admirable in a French torch singer, cataclysmic in an American leader. Thus, the sickening attempt to blame the Foley scandal on the negligence of others or “the Clinton era,” even though the Foley scandal began before the Lewinsky scandal. Thus, last month‘s enraged attacks on this administration‘s predecessors, about Osama bin Laden, a projection of their own negligence in the immediate months before 9/11. Thus, the terrifying attempt to hamstring the fundament of our freedom, the Constitution, a triumph for al Qaeda, one the terrorists could not hope to achieve on their own with a hundred 9/11‘s. And thus, worst of all perhaps, these newest lies by President Bush about Democrats choosing to await another attack and not listen to the conversations of terrorists. It is the terror and the guilt within your own heart, Mr. Bush, that you redirect at others who simply wish for you to temper your certainty with counsel. It is the failure and the incompetence within your own memory, Mr. Bush, that leads you to demonize those who might merely quote to you the pleadings of Oliver Cromwell: “I beseech you, in the bowels of Christ, think it possible you may be mistaken.” It is not the Democrats whose inaction in the face of the enemy you fear, Sir. It is your own—before 9/11, and—and you alone know this - perhaps afterwards. Mr. President, these new lies go to the heart of what it is that you truly wish to preserve. It is not our freedom, nor our country—your actions against the Constitution give irrefutable proof of that. You want to preserve a political party‘s power. And obviously you will sell this country out, to do it. These are lies about the Democrats—piled atop lies about Iraq—piled atop lies about your preparations for al Qaeda. To you, perhaps, they feel like the weight of a million centuries—as crushing, as immovable. But they are not. If you add more lies to them, you cannot free yourself, and us, from them. But if you stop—if you stop fabricating quotes, and stop building straw-men, and stop inspiring those around you to do the same—you may yet liberate yourself and this nation. Please, sir, do not throw this country‘s principles away because your lies have made it such that you can no longer differentiate between the terrorists and the critics.