Yet Another Critical Windows Flaw 511
Dynamoo writes "Microsoft released yesterday a whole bunch of critical security updates. Out of these, MS03-043 is a flaw in the Windows Messenger Service (not MSN Messenger) with the possibility of a remote attacker gaining complete control of a Windows NT/2000/XP/2003 based PC remotely. If this sounds like another possible vector for a worm to spread, you'd probably be right. Microsoft's recommendation is to 'disable the Messenger Service immediately and evaluate their need to deploy the patch'. Of course a firewall will offer some protection but shouldn't be relied on. At least administrators can disable the Messenger Service remotely. Of course this is another headache for admins still patching for last month's RPC flaw."
Windows SUS (Score:5, Informative)
It's useful.
Re:Too bad it's such a pain in the ass... (Score:5, Informative)
Anyway, in case anyone's reading this and doesn't know how to disable Messenger, go to Start -> Settings -> Control Panel -> Administrative tools -> Services. Right-click on Messenger and pull up the properties sheet. On the "general" tab, select "disabled" for "Startup type". Then hit the "Stop" button right under that on the "general" tab to stop the service if it's currently running. That's for 2K - I assume XP is similar.
Re:Slashdot Moderation (Score:5, Informative)
Which means that mod points aren't being given to as many people, which means there's less around to take things to +5.
More details in Taco's Journal [slashdot.org].
Re:Windows SUS (Score:3, Informative)
Read this over and be sure that you understand what it does before you try it, better yet see if you can find it independently. Applying a registry patch from
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W
"WUServer"="http://your.server.com"
"WUStatusServer"="http://your.server.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W
"RescheduleWaitTime"=dword:00000005
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:00000003
"UseWUServer"=dword:00000001
Save that to a file called wu.reg or whatever.reg and then merge it with your registry.
Re:Yet Another Critical Linux Flaw! (Score:3, Informative)
Another rabid submitter gets it wrong (Score:3, Informative)
Their new policy [myitforum.com] is to release monthly updates unless an exploit already exists, in which case a patch is immediately released.
Out of these, MS03-043 is a flaw in the Windows Messenger Service
You don't know what you're talking about, submitter Dynamoo. Please, tell us why one shouldn't rely on a firewall? If you read the technical documentation [microsoft.com] about the flaw you see "If users have blocked the NetBIOS ports (ports 137-139) - and UDP broadcast packets using a firewall, others will not be able to send messages to them on those ports." (under "Technical Descriptions"). I think I'll ignore your advice and keep a firewall in place, no matter what OS I'm using.
Slashdot (Score:1, Informative)
Oh, BTW, I *do* use and run Linux (dyneBolic CD), so all you haters can shove it up you know where. One other thing -- I am a programmer, so I know what open source and that is all about, I like it, but I can see its flaws as well, unlike all you other zealots.
I used to like this site more. Too bad its bias ruins its integrity in my eyes, just like FOX news "Fair and Balanced" BS.
Re:What? (Score:3, Informative)
Good point - I was unclear. I should have quoted Microsoft's technical documentation. They specify configuring Windows' built-in firewall to block those ports. If the ports are blocked at each machine then an infected machine behind a hardware firewall will not infect other machines on the LAN.