|
motaman
old hand
Registered: 12/18/02
Posts: 6,047
Last seen: 7 days, 13 hours
|
FTC: Windows feature is a backdoor for spam 1
#2080919 - 11/07/03 12:12 PM (20 years, 4 months ago) |
|
|
http://www.sltrib.com/2003/Nov/11072003/business/108934.asp
FTC: Windows feature is a backdoor for spam
By Bob Mims The Salt Lake Tribune
The Federal Trade Commission has some urgent advice for users of Microsoft's Windows Messenger Service: Turn it off. Now. Back-door security flaws in the application -- an internal feature in personal computers using the latest versions of Windows, not to be confused with the MSN Messenger Internet chat program -- are being mercilessly exploited by spam "pop-up" advertisements. "Turn off the Windows Messenger Service. For most home users, [it] serves no purpose," FTC Consumer Protection director Howard Beales said Thursday. He added that Microsoft itself planned to set the program to a default "off" position in future shipments of its operating system. The impetus for Beales' alert during a Washington, D.C., teleconference was the FTC's obtaining of a temporary restraining order against D Squared Solutions LLC and two officers of the San Diego company, Anish Dhingra and Jeffrey Davis. Prosecutors allege the defendants used a "back-door" security flaw in WMS -- typically used by networks to send internal problems, or even to notify users of a completed print job -- to barrage PCs across the country with repeated pop-up ads. Most of the ads, which appeared on-screen as often as every 10 minutes -- pitched $25-$30 software programs to block future pop-ups. By using the WMS portal, D Squared purportedly inundated its targets with pitches even when users were not on the Internet, the usual arena for such annoyances. "They create a problem for consumers then charge them for a solution," Beales said. Davis could not be reached, but Dhingra, contacted by telephone, declined to comment on the allegations. However, in a Cnetnews.com article published online Nov. 25, 2002, Dhingra was quoted as denying his pop-ups were spam because affected users could simply turn off WMS to prevent them from appearing. Microsoft spokeswoman Tara Gregory applauded the FTC's action. "Microsoft remains committed to combating the spam epidemic through a multifaceted approach" comprising developing better antispam measures, backing strong laws and aggressively helping to prosecute violators, she said. Last month, Microsoft issued a security warning that WMS was vulnerable to back-door attacks. The software giant also announced it would disable WMS -- formerly set to the "on" position by default -- and activate Windows' Internet Connection Firewall to protect computers from such attacks. The changes are slated for mid-2004 release in Windows XP Service Pack 2; current editions of Windows XP still have WMS enabled. Complaints about the flaw have been widespread. Last month, leading Internet service provider America Online went so far as to block use of the WMS feature by its subscribers. Xmission, one of Salt Lake City's leading Internet service providers, moved even quicker. "We blocked [WMS] in early spring," said Xmission owner Pete Ashdown. "We noticed an increase of messages coming in on that port, which we knew was a security risk. It is very rarely used these days for anything except [spam]." Jay Lepreau, a computer-security research associate professor at the University of Utah, is quick to echo advice to turn off WMS and install a firewall. He recommends Zone Alarm, which can be downloaded for free from the Internet and also can protect against spyware -- hidden programs that monitor user activity and transmit the data to a third party. How to deactivate WMS * To disable Windows Messenger Service, Windows users generally can click on Start, select Control Panel (or click on Settings and then the Control Panel); double-click on Administrative Tools; double-click Services; and then double-click Messenger. In the Startup type list, click Disabled. Click Stop, and then click OK. For further instructions, visit http://www.microsoft.com/WindowsXP/pro/using/howto/communicate/stopspam.asp.
-------------------- http://heffter.org
|
TinMan
Stranger
Registered: 10/01/02
Posts: 2,956
Loc: Russia
|
Re: FTC: Windows feature is a backdoor for spam [Re: motaman] 1
#2081038 - 11/07/03 01:01 PM (20 years, 4 months ago) |
|
|
I don't quite understand how they get messages through if they aren't on your network.
|
windex
old hand
Registered: 06/27/01
Posts: 1,293
Last seen: 9 years, 9 months
|
Re: FTC: Windows feature is a backdoor for spam [Re: TinMan] 1
#2081127 - 11/07/03 01:26 PM (20 years, 4 months ago) |
|
|
>>I don't quite understand how they get messages through if they aren't on your network.
For some reason messenger is wide open, accepting connections from anywhere, any decent firewall would stop them.
All these explitable services that most dont end up using are left on by default while the firewall which would stop quite a bit off it is left off by default. Microsoft, go figure..
|
Xochitl
synchronicitycircuit
Registered: 07/15/03
Posts: 1,241
Loc: the brainforest
|
Re: FTC: Windows feature is a backdoor for spam [Re: motaman] 1
#2081179 - 11/07/03 01:43 PM (20 years, 4 months ago) |
|
|
disable that shit: adjust services
-------------------- As we know, there are known knowns. There are things we know we know. We also know there are known unknowns. That is to say we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know. -Donald Rumsfeld 2/2/02 Pentagon
|
Seuss
Error: divide byzero
Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 1 month, 19 days
|
Re: FTC: Windows feature is a backdoor for spam [Re: Xochitl] 1
#2088559 - 11/10/03 03:56 AM (20 years, 4 months ago) |
|
|
> I don't quite understand how they get messages through if they aren't on your network.
They "spam" subnets sending a message to each IP address within the subnet without knowing what, if anything, is attached to an IP address.
-------------------- Just another spore in the wind.
|
funkymonk
Get's down, withthe get-down.
Registered: 11/29/02
Posts: 8,160
Loc: saskatchewan
|
Re: FTC: Windows feature is a backdoor for spam [Re: Seuss] 1
#2090379 - 11/10/03 06:54 PM (20 years, 4 months ago) |
|
|
any links for the exploit?
|
djfrog
omgws!!!1!
Registered: 10/22/00
Posts: 3,710
|
Re: FTC: Windows feature is a backdoor for spam [Re: funkymonk] 1
#2091228 - 11/11/03 01:21 AM (20 years, 4 months ago) |
|
|
Go to your system32 directory and type "msg /?"
|
T0aD
Stranger
Registered: 06/18/02
Posts: 4,475
Last seen: 15 years, 18 days
|
Re: FTC: Windows feature is a backdoor for spam [Re: djfrog] 1
#2096141 - 11/12/03 07:34 AM (20 years, 4 months ago) |
|
|
AHAHAHA
-------------------- Cuba Libre
|
|