Greetings --
It's a scam, plain and simple. It's from a very unscrupulous
"business." They're trying to sell you patches that Microsoft
provides free-of-charge, and using a very intrusive means of
advertising. It's also demonstrating that your PC is very unsecure.
This type of spam has become quite common over the past year or
so, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you most definitely open to other threats, such as the Blaster,
Welchia, and Sasser Worms that still haunt the Internet. Install and
use a decent, properly configured firewall. (Merely disabling the
messenger service, as some people recommend, only hides the symptom,
and does little or nothing to truly secure your machine.) And
ignoring or just "putting up with" the security gap represented by
these messages is particularly foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Whichever firewall you decide upon, be sure to ensure UDP ports 135,
137, and 138 and TCP ports 135, 139, and 445 are _all_ blocked. You
may also disable Inbound NetBIOS (NetBIOS over TCP/IP). You'll have
to follow the instructions from firewall's manufacturer for the
specific steps.
You can test your firewall at:
Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
Security Scan - Sygate Online Services
http://www.sygatetech.com/
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
If you have to ask, you're almost definitely running a 32-bit
version of WinXP. (I'm not trying to be facetious; I'm sure you'd
have noticed paying several thousand dollars more for the Itanium or
Itanium II CPU required to run the 64-bit version of WinXP Pro.)
There is, of course, no 64-bit version of WinXP Home.
Windows XP 64-Bit Edition Overview
http://www.microsoft.com/windowsxp/64bit/overview.asp
To verify for yourself, Click Start > Run, type in "Winver" and
press <Enter>. If the resulting dialog box does not _explicitly_
state that you have "Windows XP 64-Bit Edition," then you have a
32-bit OS.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
