Computing: Disabling Windows Messenger for Fun and Profit
Windows NT, 2000, XP and 2003 all contain a service called Messenger. This is not the same as instant messaging clients such as MSN Messenger; Messenger is primarily a way to easily send messages to computers within a network. If you have one of these operating systems, try the following: Click Start, Run, type NET SEND %COMPUTERNAME% Hello and click OK. You will see a box saying “Hello”.
As this service is on by default and doesn’t require authentication to access, anybody — in your network or on the Internet — can send you a message. Spammers have already discovered this so as you surf the web you might receive a popup box exalting the benefits of something you don’t want. Normally this isn’t anything to worry about because you are just being spammed randomly by your IP address. (This is Messenger Spam.)
However, with the announcement of a fault in this service which could result in your system being compromised, Messenger has changed from a harmless little tool running in the background to a full-scale liability, and because it is as ubiquitous as DCOM, the service containing the fault that gave rise to the W32/Blaster worm, the possibility of a similar Internet-wide kafuffle cannot be ruled out.
Fortunately Messenger can be turned off, and there is also a patch available. To turn it off in Windows 2000 and above, click Start, Run, type SERVICES.MSC and click OK. Right-click Messenger and choose Properties. Change the Startup Type to Manual, then click Stop. Then click OK and close the Services applet. To turn it off in Windows NT, go to Start, Settings, Control Panel, Services.
If you can disable the service or have a firewall you can wait for the next service pack, but if not, visit http://windowsupdate.microsoft.com and download the MS03-043 (828035) patch.