A couple of computers here have had a window pop up talking about MS security bulletin MS03-043. The window mentions something about a buffer overflow could let code be executed (has something to do with IE 5.01). The bottom of the window says to go to to download the patch.

I went to microsoft and there is a security bulletin with that number, for that problem but the patch is on a microsoft server. This is where I saw that the bulletin is for IE 5.01. MS says that XP is an affected system, but wouldn’t XP have a later version than IE 5.01?

There is nothing on the MS site which mentions Needless to say I didn’t download anything from that site, easy since the computers in question don’t have IE on them.

What is the deal here? What is the windowspatch site about? Should they be reported to MS?

From what I can gather,’s scam is to offer to sell you Windows patches you can get free from Microsoft. The popup also probably indicates you have a Messenger service vulnerability (not damaging, just annoying that anyone can you send you spam messages like the above) or spyware problem.