Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Windows Messaging Service Vulnerability

Windows Messaging Service Vulnerability 12 years 11 months ago #1460

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
I just thought I'd give you all a quick heads-up. Recently a vulnerability was found in the windows messaging service (not the same as windows messenger). This service is enabled by default on all versions of windows since I think win98. Microsoft classified the vulnerability as MS0343.

The bad part is that working exploit code is now out in the underground, and it might be possible to use the exploit code in a worm. You don't need to patch anything, you can safely disable this service like this :

1. Click start >> run >> type services.msc and press enter
2. Find the service called 'Messenger' and double click it,
3. Press 'stop'
4. Change the startup type to 'disabled'

For those of you on AOL or some other services, this will also stop those annoying popup dialog boxes that come up.

Btw for those who are interested in buffer overflows. I will be posting the proof of concept code to my website.
Sahir Hidayatullah. Staff - Associate Editor & Security Advisor
The administrator has disabled public write access.

Re: Windows Messaging Service Vulnerability 12 years 11 months ago #1486

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
If you use messaging, windows or aol, you also have vulnerabilities in the your messages typically get sent in cleartext which is able to be seen by anyone with a sniffer. So need to be careful what you send - like logons or passwords.

The administrator has disabled public write access.
Time to create page: 0.075 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup