Paul Roberts, IDG News Service http://story.news.yahoo.com/news?tm...093&e=3&u=/pcworld/20031024/tc_pcworld/113108 Internet service provider America Online is taking aggressive steps to combat spam and close a security loophole by turning off a Microsoft Windows feature that spammers are exploiting to display pop-up messages on users' desktops, AOL said. AOL used an update of its software to disable the Windows feature without the knowledge or consent of AOL subscribers, raising questions about the ethics of the change. The feature in question, known as Windows Messenger Service, enables network administrators or network devices to display messages on users' desktops, but it has few applications for home users, according to Richard Smith, an independent security expert based in Boston. Using text commands entered from a command prompt, users can create a pop-up window containing messages on other users' desktops connected over a home network, corporate network, or the Internet, Smith said. Spammers discovered the feature a year ago and immediately began using it to barrage unsuspecting users with pop-up messages containing solicitations, he said. For spammers, Windows Messenger Service has advantages over e-mail. The spammer's message appears on top of the desktop, without requiring any user action to display it. Even more important, spammers do not need to know any e-mail addresses to get their message out to Windows users, just the IP addresses of Windows machines, Smith said.