FYI..for those that are not aware of this. ======================= October 25, TechWeb News - Attackers gearing up to exploit Windows Messenger security hole. An exploit code that takes advantage of a critical vulnerability in Microsoft's Windows Messenger Service is out in the wild and could prove as dangerous as this summer's MSBlaster worm if attackers decide to focus their efforts, security analysts said Friday, October 24. Released early last week, the exploit code -- which has been crafted to run not only on attackers' Windows machines, but also on Linux and Unix boxes -- crashes Windows systems not patched against the vulnerability released October 15 in Microsoft Security Bulletin MS03-043. What concerns security analysts is the speed with which this exploit was produced. The span between the disclosure of the vulnerability by Microsoft and proof of exploit code was just three days. Users can disable Windows Messenger Service by following the instructions in Microsoft's security bulletin: http://www.microsoft.com/technet/treeview/?url=/technet/security/bull etin/MS 03-043.asp Source: http://www.internetweek.com/security02/showArticle.jhtml?articleID= 15600402 Garry Peirce [log in to unmask] 1-207-581-3539 ============================================ == Network Analyst == UNET Technology Services, Network Operations == University of Maine System ============================================