can someone please confirm?

I have an XSL extension function using <msxml:script> and
vbscript content. The vb function inside creates an ADO
connection. Since installing MSXML refresh (security
bulletin MS02-008) and Win2K sp4, I now receive the
following error:

msxml4.dll error '80020009' ADODB.Connection Safety
settings on this computer prohibit accessing a data source
on another domain...Error returned from property or method
call.

Code and symptoms are identical to those reported by this
post: [url]http://dbforums.com/arch/73/2002/11/566028[/url]
(exception thrown on line "conn.open myDSN")

I believe this is a BUG in the security patch as the
release notes say "When the XMLHTTP control is invoked by
a webpage, it should respect the restrictions associated
with the IE Security zone..." My code is *not* executed
in IE, and *not* across multiple zones.
**The code is executed when an ASP page performs an XSL
transformation, SERVER-SIDE.**

The ASP is part of an Intranet app that uses Integrated
Windows Authentication on IIS 5.0.
To make the error disappear, the following steps need to
be followed, which is not acceptable:
1. log into server with end user authentication
2. open Internet settings, and enable "Access data sources
across domains"
3. log out (to save the user profile)
4. reboot the server (presumably to reload MSXML)
5. run the code by visiting the webpage

Note that this code worked for all authenticated users
prior to the application of the MSXML refresh and Win2K
SP4.

My theory is that the MSXML dll is throwing an error when
I open an ADO connection, because internally it is using
RDS and this is now seen as a violation of the current
security zone.
Other useful references:
kbid=821546 - some programs that use impersonation may
not work correctly after you install SP4
kbid=313239 - error message also mentioned
kbid=300699 - explanation of the error message