windows patch

  • Thread starter Thread starter adentity
  • Start date Start date
A

adentity

has anyone received a dialogue box urgently requesting you
visit www.windowspatch.info ?

Is it Microsoft supported or yet another virus
distribution system?

Does anyone know. Can you mail me at the hotmail
address? Thanks.
 
Greetings --

It's a scam, plain and simple. It's from a very unscrupulous
"business." They're trying to sell you patches that Microsoft
provides free-of-charge, and using a very intrusive means of
advertising. It's also demonstrating that your PC is very unsecure.

This type of spam has become quite common over the past year or
so, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you most definitely open to other threats, such as the Blaster,
Welchia, and Sasser Worms that still haunt the Internet. Install and
use a decent, properly configured firewall. (Merely disabling the
messenger service, as some people recommend, only hides the symptom,
and does little or nothing to truly secure your machine.) And
ignoring or just "putting up with" the security gap represented by
these messages is particularly foolish.

Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893

Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904

Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp

Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

Whichever firewall you decide upon, be sure to ensure UDP ports 135,
137, and 138 and TCP ports 135, 139, and 445 are _all_ blocked. You
may also disable Inbound NetBIOS (NetBIOS over TCP/IP). You'll have
to follow the instructions from firewall's manufacturer for the
specific steps.

You can test your firewall at:

Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT

Security Scan - Sygate Online Services
http://www.sygatetech.com/

Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Greetings --

Telling someone to ignore messenger service spam is like telling a
sleeping family to ignore that noisy smoke detector in the hall. It's
very bad advice.

Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Greetings --

The OP didn't have to mention messenger service. Do a quick
search of the newsgroup and you find that this specific advertisement
has been a well-known tactic of an unscrupulous messenger service
spammer for quite some time.

Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
in that case i stand corrected
though i consider messenger spam as a nuisance not a threat
it is also easily fixed by disabling the messenger service
a fact that the OP could have equally used google for
instead of asking here.

ceedee
 
Greetings --

Granted, the messenger service spam, in and of itself, is only a
nuisance. However, that annoying spam is being delivered via the very
same open TCP/IP ports that are used to deliver W32.Blaster.Worm,
W32.Welchia.Worm, and W32.Sasser.Worm. Turning off the messenger
service doesn't close those ports; it merely hides the fact that the
ports are still open and the PC is still vulnerable to other threats.


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
yes i see your point however blaster welchia and sasser
only ping the ports to see if a pc is there
if you have no firewall then whether messenger runs or not
will not hide you.
those worms exploits vulnerabilities in DCOM ,RPC and LSASS processes
and have no relationship to messenger service
keeping your pc patched and using a good firewall is the only way to
address such worms effectively a lesson MS has learned and is now
trying toaddress in SP2

ceedee
 
Back
Top