Scaremongering
*sigh* Stories like this are really, really, counterproductive.
Here is the list of security issues fixed in SP2. These are real issues, many with exploits in the wild:
- MS04-025 (867801) - Cumulative Security Update for Internet Explorer
- MS04-024 (839645) - Vulnerability in Windows Shell Could Allow Remote Code Execution
- MS04-023 (840315) - Vulnerability in HTML Help Could Allow Code Execution
- MS04-022 (841873) - Vulnerability in Task Scheduler Could Allow Code Execution
- MS04-018 (823353) - Cumulative Security Update for Outlook Express
- MS04-016 (839643) - Vulnerability in DirectPlay Could Allow Denial of Service
- MS04-015 (840374) - Vulnerability in Help and Support Center Could Allow Remote Code Execution
- MS04-014 (837001) - Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution
- MS04-013 (837009) - Cumulative Security Update for Outlook Express
- MS04-012 (828741) - Cumulative Update for Microsoft RPC/DCOM
- MS04-011 (835732) - Security Update for Microsoft Windows
- MS04-007 (828028) - ASN.1 Vulnerability Could Allow Code Execution
- MS04-004 (832894) - Cumulative Security Update for Internet Explorer
- MS04-003 (832483) - Buffer Overrun in MDAC Function Could Allow Code Execution
- MS03-049 (828749) - Buffer Overrun in the Workstation Service Could Allow Code Execution
- MS03-048 (824145) - Cumulative Security Update for Internet Explorer
- MS03-045 (824141) - Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution
- MS03-044 (825119) - Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise
- MS03-043 (828035) - Buffer Overrun in Messenger Service Could Allow Code Execution
- MS03-041 (823182) - Vulnerability in Authenticode Verification Could Allow Remote Code Execution
- MS03-040 (828750) - Cumulative Patch for Internet Explorer
- MS03-039 (824146) - Buffer Overrun in RPCSS Service Could Allow Code Execution
- MS03-034 (824105) - Flaw in NetBIOS Could Lead to Information Disclosure
- MS03-032 (822925) - Cumulative Patch for Internet Explorer
- MS03-030 (819696) - Unchecked Buffer in DirectX Could Enable System Compromise
- MS03-027 (821557) - Unchecked Buffer in Windows Shell Could Enable System Compromise
- MS03-026 (823980) - Buffer Overrun in RPC Interface Could Allow Code Execution
- MS03-024 (817606) - Buffer Overrun in Windows Could Lead to Data Corruption
- MS03-023 (823559) - Buffer Overrun in HTML Converter Could Allow Code Execution
- MS03-021 (819639) - Flaw in Windows Media Player May Allow Media Library Access
- MS03-020 (818529) - Cumulative Patch for Internet Explorer
- MS03-018 (811114) - Cumulative Patch for Internet Information Service
- MS03-015 (813489) - Cumulative Patch for Internet Explorer
- MS03-014 (330994) - Cumulative Patch for Outlook Express
- MS03-013 (811493) - Buffer Overrun in Windows Kernel Message Handling Could Lead to Elevated Privileges
- MS03-010 (331953) - Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks
- MS03-008 (814078) - Flaw in Windows Script Engine Could Allow Code Execution
- MS03-007 (815021) - Unchecked Buffer in Windows Component Could Cause Server Compromise
- MS03-005 (810577) - Microsoft Security Bulletin MS03-005
- MS03-004 (810847) - Cumulative Patch for Internet Explorer
- MS03-001 (810833) - Unchecked Buffer in Locator Service Could Lead to Code Execution
- MS02-072 (329390) - Unchecked Buffer in Windows Shell Could Enable System Compromise
- MS02-071 (328310) - Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation
- MS02-070 (329170) - Flaw in SMB Signing Could Enable Group Policy to be Modified
- MS02-068 (324929) - Cumulative Patch for Internet Explorer
- MS02-066 (328970) - Cumulative Patch for Internet Explorer
- MS02-063 (329834) - Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks
- MS02-062 (327696) - Cumulative Patch for Internet Information Service
- MS02-055 (323255) - Unchecked Buffer in Windows Help Facility Could Enable Code Execution
People should apply this NOW. Stories spreading FUD about it are irresponsible.