Is MSN Messenger a security risk?

I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do not mix it up with the Messenger Service) is a security nuisance for my XP with which I am quite satisfied otherwise. I am running XP's own ICF firewall, ZA (free) firewall and NAV 2003 antivirus software. The combination of that three would work beautifully. I just can advise it to all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g. Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe. When this unwanted and seemingly harmful program returns after a while, even if its process once terminated, most of my TCP/IP ports security level is damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in server by my Zonalarm firewall. But that unwanted guest returns running damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP, unfortunately. Messenger seems to play to the hands of the hackers and other cyber criminals.

All of those good security advices in this newsgroup are in vain if an unused and unwanted program like Messenger can reduce internet security against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall be left secure!

Umm... Turn it off... In OE also disable the contacts pane or it will turn
itself back on again...

Security is a process, not a program. With a good firewall you can configure
it to allow single access only through any messenger client and review each
connection as you wish.

--
Galen Gregory MS MVP Shell/User
Contact: galen_gregory (at) hotmail.com
Put [read] in the topic or it will NEVER be seen.

Cato,
Many thanX for your security warnings. I remember that I disabled the Messenger service in the very first day I'd started using XP. To avoid it from running when you do not really need it , open the messenger , Tools>Options>Preference. Uncheck the two boxes " Run this program when..." and " Allow this program to run in the ..." . This reduces the risk as you mentioned and avoids msmsngs.exe from running unexpectedly. But remember that you'll need the service running when you use MSN Explorer.....this no one can stop.
-------------------------
"cato" <antispam@zattox.com> wrote in message news:OkiZzb0jDHA.2656@TK2MSFTNGP10.phx.gbl...
I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do not mix it up with the Messenger Service) is a security nuisance for my XP with which I am quite satisfied otherwise. I am running XP's own ICF firewall, ZA (free) firewall and NAV 2003 antivirus software. The combination of that three would work beautifully. I just can advise it to all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g. Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe. When this unwanted and seemingly harmful program returns after a while, even if its process once terminated, most of my TCP/IP ports security level is damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in server by my Zonalarm firewall. But that unwanted guest returns running damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP, unfortunately. Messenger seems to play to the hands of the hackers and other cyber criminals.

All of those good security advices in this newsgroup are in vain if an unused and unwanted program like Messenger can reduce internet security against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall be left secure!

Thanks all good advices Guys!
Though I never opened Messenger and want not to touch it I used your advices.

Additionally to those who have the same problem I summarize:

1) Use the former advices in this thread.

2) In Symantec's own Norton Anti Virus control panel delete checks for instant messengers. It can interfere with msmsgs and rerun it if remain checked.

3) In XP control panel add/remove remove MSN Messenger whose name there is not Messenger but the deceiving, misleading "Add in ....."

4) Finally after Control/Alter/Delete in Windows Task Manager do not afraid of "End Process" the msmsgs.exe even if the subsequent pop up warns you to unstabilize, it will not though!


"cato" <antispam@zattox.com> wrote in message news:OkiZzb0jDHA.2656@TK2MSFTNGP10.phx.gbl...
I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do not mix it up with the Messenger Service) is a security nuisance for my XP with which I am quite satisfied otherwise. I am running XP's own ICF firewall, ZA (free) firewall and NAV 2003 antivirus software. The combination of that three would work beautifully. I just can advise it to all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g. Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe. When this unwanted and seemingly harmful program returns after a while, even if its process once terminated, most of my TCP/IP ports security level is damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in server by my Zonalarm firewall. But that unwanted guest returns running damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP, unfortunately. Messenger seems to play to the hands of the hackers and other cyber criminals.

All of those good security advices in this newsgroup are in vain if an unused and unwanted program like Messenger can reduce internet security against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall be left secure!

get a clue

"cato" <antispam@zattox.com> wrote in message
news:OkiZzb0jDHA.2656@TK2MSFTNGP10.phx.gbl...
I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do
not mix it up with the Messenger Service) is a security nuisance for my XP
with which I am quite satisfied otherwise. I am running XP's own ICF
firewall, ZA (free) firewall and NAV 2003 antivirus software. The
combination of that three would work beautifully. I just can advise it to
all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g.
Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of
Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe.
When this unwanted and seemingly harmful program returns after a while, even
if its process once terminated, most of my TCP/IP ports security level is
damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in
server by my Zonalarm firewall. But that unwanted guest returns running
damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP,
unfortunately. Messenger seems to play to the hands of the hackers and other
cyber criminals.

All of those good security advices in this newsgroup are in vain if an
unused and unwanted program like Messenger can reduce internet security
against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall
be left secure!