I seem to recall a much older filtering software package (I don't recall which offhand - DansGuardian, maybe?) that will block Google if you have disabled "SafeSearch" in the Advanced Preferences - that is, if you have it set to "Do not filter my search results."

Who is "Deaf Leopard"? Are they bigger than Def Leppard?

Semantics, semantics. My point was that User-Agent detection is *not* the right way to handle the problem.

As long as the setup program (EXE, MSI or otherwise) handles the detection prior to installation, it meets the requirement I stated: "That way, the setup program could *authoritatively* determine what OS was in use, and block installation onto any invalid systems".

User-Agent "sniffing" is a bad approach under any circumstances - it's too easy, not to mention common, to fake. And since all script-based approaches I am aware of rely on User-Agent detection, they would be effectively broken as well.

If I were doing it, I would put the OS detection in the setup EXE itself. That way, the setup program could *authoritatively* determine what OS was in use, and block installation onto any invalid systems. But we may never know since you didn't finish the download and give it a shot. ;)

IE7 is now flagged as a Critical update, whereas the "Update Rollup 2 for Windows XP Media Center Edition 2005" (KB900325) is an Optional update. And guess what? If you install IE7 first - for example, if it is done for you automatically courtesy of Automatic Updates - the KB900325 update fails to install!