Re: Microsoft Messenger Service Bulletin
From: Bruce Chambers (bchambers_at_nospamcableone.net)
Date: 12/23/03
- Next message: Bruce Chambers: "Re: Email attachments removed"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Deleting "My Received Files" folder..."
- In reply to: Bill: "Microsoft Messenger Service Bulletin"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 22 Dec 2003 20:30:32 -0700
Greetings --
No, it isn't a legitimate "Microsoft" warning, although the
potential threat is real, and you're obviously unprotected. It's
simply an unscrupulous advertiser trying to panic you into
unnecessarily buying their "service." Any and all patches you need
are available free of cost from Microsoft.
This type of spam has become quite common over the past year, and
unintentionally serves as a valid security "alert." It demonstrates
that you haven't been taking sufficient precautions while connected to
the Internet. Your data probably hasn't been compromised by these
specific advertisements, but if you're open to this exploit, you may
well be open to other threats, such as the Blaster Worm that recently
swept cross the Internet. Install and use a decent, properly
configured firewall. (Merely disabling the messenger service, as some
people recommend, only hides the symptom, and does almost nothing to
truly secure your machine.) And ignoring or just "putting up with"
the security gap represented by these messages is particularly
foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
Bruce Chambers
-- Help us help you: http://dts-l.org/goodpost.htm http://www.catb.org/~esr/faqs/smart-questions.html You can have peace. Or you can have freedom. Don't ever count on having both at once. -- RAH "Bill" <anonymous@discussions.microsoft.com> wrote in message news:034f01c3c849$31f232f0$a501280a@phx.gbl... > I rec'd the following message on my screen which I assume > is from Microsoft. It said: > > Message from microsoft networks to windows user on > 12/21/2003. Microsoft security bulletin MS03-043. Buffer > overruns in messenger service could allow code execution > (820035). > Affected software: > Msft windows NT workstation > MSFT windows NT server 4.0 > " 2000 > " " XP > " " Win 98 > " " Server 2000 > Non affected software: > MS windows millenium > > Your system is affected, download the patch from the > address below! First type the URL below into your > internet brrowser then click "ok". > > www.windowspatch > > ============= > I went to this URL and was asked to pay $19.95 for this > patch. Is this a legitimate message from Microsoft. > Should I have to pay to fix my Windows XP operating > system that came with my computer? What is the severity > of this problem. Should I get the patch? Any help on this > would be appreciated. My email address is muliej@ > (removethis)sbcglobal.net. Thanks
- Next message: Bruce Chambers: "Re: Email attachments removed"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Deleting "My Received Files" folder..."
- In reply to: Bill: "Microsoft Messenger Service Bulletin"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
