MSN Messenger vulnerable to

Exploit code for a “highly critical” vulnerability in MSN Messenger has been posted to a Chinese-language forum, prompting Microsoft to urge all users to immediately migrate to Windows Live Messenger 8.1.

The exploit, available here, is caused by an error in the handling of video conversations and can be exploited to cause a heap-based buffer overflow via specially crafted data sent to a user.

Secunia warns that successful exploitation may allow execution of arbitrary code, but requires that the victim accepts the incoming Webcam invitation.

“This is under investigation,” a Microsoft spokesman said.

“Our investigation so far shows that the latest version, Windows Live Messenger 8.1, is not vulnerable to this issue,” he added, urging Windows Live Messenger 8.0 users to upgrade to Messenger 8.1.

Source: Neowin

Published August 30th, 2007 by Martin Leave your comment
(No Ratings Yet)
Loading ... Loading ...


No User Responded in " MSN Messenger vulnerable to "

Subscribes To Comments Post Rss or Leave A Trackback To This Post
Leave A Reply Here

  Username [*]

  Email Address [*]

  Website

Subscribes to this post comments updates

Please Note: Your comment will be under moderation. Don't resubmit please. Thank you.