[Dshield] New critical Windows vulnerabilities
superc at visuallink.com
Thu Oct 16 17:26:31 GMT 2003
For those of us without MS certification, does the Messenger service have
any function beyond allowing pop ups, and is there a way for a home user to
simply delete the Messenger service from their at home XP, or at least
knock it out (renaming perhaps?) while still maintaining functionality of
their XP machine for spreadsheets, WP and web surfing?
Subject: RE: [Dshield] New critical Windows vulnerabilities
From: "Kolde, Jennifer E." <jkolde at nosc.mil>
Date: Wed, 15 Oct 2003 14:34:40 -0700
To: "'General DShield Discussion List'" <list at dshield.org>
Note that the "Messenger" vulnerability is NOT in Windows Messenger or
MSN Messenger...it's in the Windows Messenger SERVICE.
The service is installed and running by default in NT / 2K / XP, and is
exploitable via RPC (135) and/or NetBIOS (137 - 139 / 445).
It's definitely a worm-candidate, though I have not seen anything about
exploits in the wild.
More information about the list