Yet another in a seemingly endless list of Fatal Micro$oft Security Errors That Can Compromise Your Machine, Drain Your Bank Account, and Spell the End of Civilization As We Know It.
Since the Windows Messenger service (which as nothing to do with Instant Messaging) seems to be a perennial target for hacks, just … turn it off. Follow the instructions at the link above and disable it. No, really. Just do it.
(Mutter mutter mutter Micro$oft mutter mutter)
42 view(s)
Done!
On you advise, I got PopUpCop. When it installed, it asked if it could turned it off. I said, yes. At work, however, I cannot do this because I.T. communicates to us through it.
Huh. Yeah, that’s what the original windows messager service is used for, but most orgs don’t use that (and may of those that did have found an alternative avenue because of other security issues).
The CSERT info will lead you to patches to the service that make it safe, but MS itself is asking folks to evaluate whether they really need it or not.
Testify, Brother Dave!
I just laugh now when I see YAWSH (Yet Another Windows Security Hole).
I will give M$ the small benefit of the doubt that they draw more attacks because they’re the biggest target.
Because they have a near-monopoly situation, it’s also harder (due to the installed base) for them to simply replace the OS wholesale (as Apple has previously done) with something that would be more secure and stable.
And I’ll even accept that a lot of the problems come from functionality added to be of use to people.
But, c’mon, guys. This sort of thing is getting ridiculous.