Results 1 to 9 of 9
  1. #1
    New Lounger
    Join Date
    Jan 2003
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts

    KB828035 (Pro 2002 SP1)

    What is the deal with this patch?

    Does WOPR have an info page dedicated to new Patches from M*?

  2. #2
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: KB828035 (Pro 2002 SP1)

    Michael--

    The deal is about the messenger SERVICE and good 'ole buffer overruns--being attacked with vigor in the next OS to cut down on all them patches.

    KB828035 Security Patch--The story is an old one--buffer overrun

    The story, also is to turn "messenger service off"-- a prolfic source of popup spam--you probably aren't using it anyway!!! --and I'm not confusing this with the instant messenger that is so popular with teeny-boopers and middle school kids and also a big part of some enterprises, this is the IP service explained in the KB below--and close a high percentage of these patch inducing vulnerabilities. The link explains what it is. There are many ways to turn it off. Here you go and unless you have an unusual reason--I'd do it--they are planning in the future to ship Windows Foghorn or Longhorn with it off--and this may change with Windows XP shipping until they release that new OS as well.

    Windows Messaging IP Service--Not the "Instant Messanger":

    If you don't intend using XP on a LAN you can disable the "Server" and "Workstation" services. csrss.exe is associated with the Server process. The Messenger Service "Transmits net send and Alerter service messages between clients and servers".

    To disable the Messenger Service: Go to Start/Control Panel/Administrative Tools/Services. Double click the Messenger Service and change Automatic to Disabled, then click the Stop button.

    or you can use

    Kelly's Tweaks Line 95 Left Column

    To Delete the Messenger Service: Go to Start/Run/CMD and type in: sc delete messenger. Reboot.

    Or go to Start/Run/Regedit and navigate to this key: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices

    It may be wise to disable the Administrative Alerts Service as well. Specify the Schedule for Alerter Service - This setting is used to specify how often the server checks alert conditions and sends any required alert messages to administrative users.

    Specify the Schedule for Alerter Service (Windows NT/2000/XP)

    To increase options to turn it off--just about everyone should:

    How to turn off Windows Messenger Service

    Turn Off IP Messaging Service PC Mag August 2003

    302089: How to Prevent Windows Messenger from Running on a Windows XP-Based Computer

    168893:Messenger Service of Windows--to explain which one I mean

    I don't think WOPR has "a dedicated page on patches," but I make it a point to skim Woody's Windows (consolidated now) newsletter and his Office newsletters and also CNET news which will publicize patch problems quickly.

    I noticed this Bugs, Old File Dates in New Microsoft Patches Nov. 14 yesterday.

    hth,

    SMBP

  3. #3
    New Lounger
    Join Date
    Jan 2003
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: KB828035 (Pro 2002 SP1)

    I am familiar with the messenger service. I believe I receive UPS warnings among others with this service and it is unfortunate that it should be disabled to maintain security.

  4. #4
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: KB828035 (Pro 2002 SP1)

    You spoke volumes with that restrained last statement, and of course Michael, if it is part of your routine and you need to keep it, than that takes precedent. Small comfort now, but there are some very stong efforts to work on the source of many of these patches, the need to go after buffer overruns in the next Operating System, but that's late 2005-2006.

    SMBP

  5. #5
    New Lounger
    Join Date
    Jan 2003
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: KB828035 (Pro 2002 SP1)

    Buffer Overruns occur in most, if not all, operating systems. A disappointing part of M* Windows are the oft poison pill workarounds and requirement to reboot more often than not. This is not conducive to low maintenance costs not to mention the sanity of sysadmins.

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: KB828035 (Pro 2002 SP1)

    I don't think you have to disable it, that's just a quick work-around. You should be able to block external access to it with a firewall.

  7. #7
    4 Star Lounger
    Join Date
    May 2002
    Location
    Australia
    Posts
    549
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: KB828035 (Pro 2002 SP1)

    <img src=/S/hello.gif border=0 alt=hello width=25 height=29> Hi SMBP, I must be slow coz I did find Messenger loading itself annoying, so I disabled it by selecting the icon in my taskbar, RIGHT CLICK > OPEN >TOOLS>OPTIONS>PREFERENCES then unticked "Run this program when Windows starts". Ignorance is bliss, in my case this worked (XP Pro SP1) maybe I am just lucky, whatever the reason it seems to have been an instant fix. I have found the links you posted very useful reading, thank you - I would not have known how to navigate my way to administrator tools and then into services etc. had I not read them through. I am new to XP Pro and have so much to learn. <img src=/S/thankyou.gif border=0 alt=thankyou width=40 height=15>

  8. #8
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: KB828035 (Pro 2002 SP1)

    I think you're talking about a different critter, Cyberdance. Windows Messenger is a "chat" program and Messenger SERVICE is just that - a built-in service that allows messages to be sent to machines across a network and has been "exploited" by ad mongers and some (maybe) bad guys. I quote from XP's Help screen:
    <hr>Windows Messenger is an instant messaging program that enables you to:

    See who is online.
    Send an instant message.
    Call a contact's computer.
    Send someone a file.
    Have an instant message conversation with a group of friends.
    Invite someone to play a game.
    Get notified of new e-mail at Hotmail.<hr>

  9. #9
    4 Star Lounger
    Join Date
    May 2002
    Location
    Australia
    Posts
    549
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: KB828035 (Pro 2002 SP1)

    <img src=/S/hello.gif border=0 alt=hello width=25 height=29> Hi there Al, I am just starting to get any idea of what you mean about Messenger and the Messenger Service thingie, which I have not come across even though at work I am on a huge world network, perhaps the IT boys have been onto it for a long time preventing people like me from knowing about it. Thank you very kindly for the clarification, appreciate the help very much. Always learning, learning, learning...I need to clone myself so one of me can stay online and the other go to work. <img src=/S/chatter.gif border=0 alt=chatter width=38 height=16> Yikes what a thought.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •