[Dshield] New critical Windows vulnerabilities

Kenneth Coney superc at visuallink.com
Thu Oct 16 17:26:31 GMT 2003


For those of us without MS certification, does the Messenger service have 
any function beyond allowing pop ups, and is there a way for a home user to 
simply delete the Messenger service from their at home XP, or at least 
knock it out (renaming perhaps?) while still maintaining functionality of 
their XP machine for spreadsheets, WP and web surfing?


Subject: RE: [Dshield] New critical Windows vulnerabilities
From: "Kolde, Jennifer E." <jkolde at nosc.mil>
Date: Wed, 15 Oct 2003 14:34:40 -0700
To: "'General DShield Discussion List'" <list at dshield.org>

Note that the "Messenger" vulnerability is NOT in Windows Messenger or
MSN Messenger...it's in the Windows Messenger SERVICE.

The service is installed and running by default in NT / 2K / XP, and is
exploitable via RPC (135) and/or NetBIOS (137 - 139 / 445).

It's definitely a worm-candidate, though I have not seen anything about
exploits in the wild.

Regards,
Jennifer





More information about the list mailing list