Mar 10, 2010

Microsoft re-release of KB973811 – attacks on Extended Protection for Authentication, (Wed, Mar 10th)

Yesterday Microsoft re-released KB973811 (http://www.microsoft.com/technet/security/advisory/973811.mspx). This relates back to the original KB973917 (http://support.microsoft.com/kb/973917) and advisory MS09-071 (http://www.microsoft.com/technet/security/bulletin/ms09-071.mspx). This affects the Extended Protection for Authentication functions within XP, Vista and Server 2003 (http://support.microsoft.com/kb/968389).

It didn't show up in yesterday's Patch Tuesday review because Microsoft is classifying it as a non-security upgrade. This is confusing to me, because the update actually includes mitigation against a credential forwarding attack, which you might see on an unencrypted, unsigned connection (yes, there's still a lot of that going around!). This update affects XP, Vista and Server 2003. Windows 7 and Server 2008 are not affected. Thanks to our ...

Filed Under: SANS Internet Storm Center
