Fix - @Jason Hall
While I don't know if it's an absolute "fix" or not*, disabling the Remote Assistance component certainly cannot hurt anything (unless of course you depend on this service):
Right click My Computer (on start menu or desktop) > Properties > Remote tab > uncheck "Allow remote assistance invitations to be sent from this computer" and (if on XP Pro) "Allow users to connect remotely to this computer".
The topmost choice is checked by default. (You'd think they'd learn, this is not the first time.)
The services themselves (services.msc console > Terminal Services) can be disabled to keep them from ever starting. That should also help to mitigate the attack.
If you have to use Terminal Services/Remote Desktop over an untrusted network, or you operate one that must face the public Internet for some reason, you'll do very well to also follow the advice presented at http://www.mobydisk.com/techres/securing_remote_desktop.html .
By default, Windows lets the system administrator account have access to the Remote Desktop/Terminal Services service and you have to deliberately stop it.
Versions of Windows for Desktop users (not servers) prior to XP don't have the Terminal Services/remote assistance component built in, nor do they have a help center service.
* that means I disclaim any and all liability, have not exhaustively tested this, I mean well but can't be sure and that if it doesn't work, I have never heard of you. Furthermore, users trying this may experience headaches, spontaneous human combustion, disappearance of their computer into a black hole, printer fires and/or telemarketing. IOW, proceed at your own risk!
Biting the hand that feeds IT
