New Security Gap Found In Windows Messenger Service: Page 3 of 3

Symantec's test exploit only crashed the targeted systems -- one possible result of a worm -- but hackers could modify existing exploits to cause any number of problems, including inserting other malicious code that might give them access to the systems. "The sky's the limit," said Huger.

Not to be confused with Windows Messenger, Microsoft's instant messaging platform, Windows Messenger Service is used by applications to communicate with each other, and often by enterprise network administrators to alert users of such things as impending server shutdowns. It has also been used by some spammers to pop text-message spam onto users' desktops.

Symantec recommended that users -- both corporate and consumers -- immediately apply the Microsoft patch if they haven't done so. Other ways to defend against the threat are to disable the Windows Messenger Service, or to block TCP ports 137-139, UDP port 135, and UDP ports 1025 and higher.

Users can disable Windows Messenger Service by following the instructions in Microsoft's security bulletin.

"If this type of exploit pops up, it would present a more severe threat than even Slammer," concluded Huger. "And it's likely that this isn't the only new vulnerability we'll see in Windows Messenger Service. We'll see more of these in the future."