Re: WIN2000NT False prophets(!).

From: Steve Winograd [MVP] (
Date: 11/20/05

Date: Sat, 19 Nov 2005 17:05:41 -0700

In article <WEOff.20499$>, Martin
Spencer-Ford <> wrote:
>>>>Thanks for your reply, Martin. I think that disabling the Messenger
>>>>service by default came in SP2:
>>>Thanks for correcting me Steve - I knew it was in one of them patches :)
>>>Still leaves me wondering why the change in policy - especially after
>>>such a long history of being a default service, not that i am
>>>complaining, one less thing to adjust.
>> You're right, Martin. Microsoft used to make all Windows features
>> available by default. Users didn't have to install or enable anything
>> to have full functionality.
>> In reaction to the spread of malware, often through security holes in
>> its own products, Microsoft made a major shift, implementing a
>> "Trustworthy Computing" initiative throughout the company. Part of
>> that initiative is a philosophy that they call "Secure by Design,
>> Secure by Default, Secure in Deployment and Communication". They
>> first applied in to Windows in XP SP1 and Windows Server 2003. See:
>> That philosophy includes disabling features, like the Alerter and
>> Messenger services, that are vulnerable to attack and are unnecessary
>> for most users. Users who need those services have to explicitly
>> enable them. Everyone else is protected automatically.
>It was a long time coming, but vastly appreciated by many a support
>engineer - my self included. To me this thread has turned into an
>interesting and educational one. Many thanks for being a part of that
>conclusion, Steve ... appreciated.

You're welcome, Martin!

BTW, They're carrying this philosophy much further in the upcoming
Windows Vista:

Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)
Please post any reply as a follow-up message in the news group
for everyone to see.  I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.
Microsoft Most Valuable Professional Program