You are here:Kbee Software > Operating Systems > Is there something “bad” or “harmful” is sent via the messenger in XP? [msg boxes]

Is there something “bad” or “harmful” is sent via the messenger in XP? [msg boxes]

admin / March 24th, 2011/ Posted in Operating Systems / No Comments »

Q: When installing a critical update, I received one of those gray boxes msg that seemed to want me to buy anything . I clicked the X in the corner and shut it quickly, but I think its early . Would you stop getting unwanted msgs . etc.

I have since disabled that service, but was wondering . something may be harmful shipped with that?

(worried user)

Thanx

Boxing Training For Beginners
Re:To return to the topic of the thread… Simply disable the Messenger service by going to Control Panel -> Administratic Tools -> Services. Stop the current instance, and disable it. A firewall will also help, as someone else suggested. Also, for more information on this you can use the search tool.

\Dan

How to Box 12 Week Boxing Program and Site Membership
Re:Originally posted by: guy

damned if I'm gonna put a patch on a mission-critical system and hope it doesn't break something.
You know that my provider was just taken down by a attack that should have been patched several month ago. I talked to one of the honchos there and there attitude was the same as yours, which in my opinion is not good. By the way my ISP is charter which should know better.

Did you not read the rest of my message? Cause you only quoted part of it. The patch will be applied just not on the day it comes out. To blindly put a patch on a mission-critical system with NO testing is foolish, in my opinion.

I do agree that taking months to install a patch is to long. Sometimes you can't always blame the admin but upper management instead. For example where I work we don't have the best upper management in IT. As a matter of fact they don't have any previous IT experience, most were accountants before taking jobs in IT management. At my worplace there is me and one other guy that do PC tech (helpdesk stuff), LAN administration, WAN administration, E-mail, and application deployments. So we're spread pretty thin and upper management puts pretty low priority on testing patches because they don't see the consequences of not installing them. As much as I would like to test and install patches right away my boss doesn't always let, putting more priority on other tasks. Luckily we were not hit with Nimda or SQL Slammer but we could always be hit with a future one.

Betting Black Box
Re:damned if I'm gonna put a patch on a mission-critical system and hope it doesn't break something.
You know that my provider was just taken down by a attack that should have been patched several month ago. I talked to one of the honchos there and there attitude was the same as yours, which in my opinion is not good. By the way my ISP is charter which should know better.

guy

Home Boxing Workouts
Re:Originally posted by: guy

Exactly, most people do not realize this. When Nimba and SQL Slammer were released, they were essentially giving a reminder to patch your systems. Microsoft released a patch before SQL Slammer was released that fix the vulnerability that it exploited. When SQL Slammer was release it showed the world how many admins do not bother patching their systems.

While I do agree it is up to the admin to patch the systems sometimes the patches come out so fast (especially for IIS last year)you don't have time to test them before an exploit is out. Where I work we run about 50 servers and some 500 workstations. I'll be damned if I'm gonna put a patch on a mission-critical system and hope it doesn't break something. That patch will be thouroughly tested on our development environment before going to production. Sometimes this can take weeks, depending on the patch.

This doesn't just apply to Microsoft. This has to do with all vendors we use at my workplace(Novell, Sun, Oracle, Siebel, etc). I don't expect companies to be able to test every single configuration. That's what development environments are for.

No one is asking you to, that NIMDA and Slammer patches where months old at the time of the exploit.
Bill

How To Make Cigar Box Purses.
Re:Exactly, most people do not realize this. When Nimba and SQL Slammer were released, they were essentially giving a reminder to patch your systems. Microsoft released a patch before SQL Slammer was released that fix the vulnerability that it exploited. When SQL Slammer was release it showed the world how many admins do not bother patching their systems.

While I do agree it is up to the admin to patch the systems sometimes the patches come out so fast (especially for IIS last year)you don't have time to test them before an exploit is out. Where I work we run about 50 servers and some 500 workstations. I'll be damned if I'm gonna put a patch on a mission-critical system and hope it doesn't break something. That patch will be thouroughly tested on our development environment before going to production. Sometimes this can take weeks, depending on the patch.

This doesn't just apply to Microsoft. This has to do with all vendors we use at my workplace(Novell, Sun, Oracle, Siebel, etc). I don't expect companies to be able to test every single configuration. That's what development environments are for.

Opt-In Boxes "r" Us
Re:Originally posted by: guy

Originally posted by: guy I do not believe there are any known exploits that use the messenger service. That's not to say that none exist. Nimda and SQL Slammer both illustrate that vulnerabilities can be discovered. Neither Nimda nor Slammer exploited an unknown vulnerability. Bill

Exactly, most people do not realize this. When Nimba and SQL Slammer were released, they were essentially giving a reminder to patch your systems. Microsoft released a patch before SQL Slammer was released that fix the vulnerability that it exploited. When SQL Slammer was release it showed the world how many admins do not bother patching their systems.

The 7 Secrets of Boxing Footwork Training System
Re:install a firewall of some type, if you can receive messenger messages then they can access other services too…
PC Satellite Tv Box
Re:Originally posted by: guy
I do not believe there are any known exploits that use the messenger service.
That's not to say that none exist. Nimda and SQL Slammer both illustrate that vulnerabilities can be discovered.

Neither Nimda nor Slammer exploited an unknown vulnerability.
Bill

10 in 10 System: Use Boxing to Lose Up to 10lbs in Only 10 Days
Re:Not that I'm saying it isnt possible, but IIS and MDAC/SQL are far more complex than the messenger service.

Which would make sense that Microsoft would spend more time making sure they were secure.

Pandora’s Box – Brand New To Cb!
Re:Not that I'm saying it isnt possible, but IIS and MDAC/SQL are far more complex than the messenger service.

-Spy

Re:I do not believe there are any known exploits that use the messenger service.

That's not to say that none exist. Nimda and SQL Slammer both illustrate that vulnerabilities can be discovered.

Re:The only thing the Messenger service does is provide a way to display dialog boxes with a message or text to the user. It cannot interact with your system in any other way.

Related posts

  • No related posts.

Tags:

Leave a Reply

Name required

Mail (will not be published) required

Website