I have 2 win98 machines here, my own and a customer's, both are unpatched, (one runs IE6 sp1 the other IE 5.5) I cannot find shimgvw.dll on either. Perhaps this is why the patch reported your system was not vulnerable? Could anyone else confirm? Anyone got a win95 machine they could also check on? Regards