Home > Security News > Flaw found in MSN Messenger
Security News:
EMAIL THIS

Flaw found in MSN Messenger

By SearchSecurity.com Staff
29 Aug 2007 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Attackers could exploit a flaw in MSN Messenger to run malicious code on targeted machines, according to Danish vulnerability clearinghouse Secunia.

The problem, discovered by a researcher who goes by the name Wushi, is an error in how the application handles video conversations. Attackers could exploit it to cause a heap-based buffer overflow via specially crafted data sent to a user."

"Successful exploitation may allow execution of arbitrary code, but requires that the victim accepts the incoming Web Cam invitation," Secunia said in its SA26570 advisory after independently confirming the flaw. The vulnerability affects version 7.0, and no fixes are currently available. However, users could address the flaw by upgrading to Windows Live Messenger 8.1 or later, which is not affected by the vulnerability. Also, Secunia advised users not to accept untrusted Web Cam sessions.



Tags: IM Security Issues, Risks and ToolsVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
IM Security Issues, Risks and Tools
What are effective ways to stop instant messaging (IM) spam?
Secure messaging complications result in limited protection
Is it possible to ban chat programs on an enterprise LAN?
How to lock down instant messaging in the enterprise
AOL closes AIM attack vector, but risks remain
Researcher says AIM still vulnerable, AOL insists it's fixed
Serious security flaw in AOL Instant Messenger
Security flaws found in AOL, Yahoo IM programs
AOL, Yahoo, Trillian IM applications under threat
Security vendor Postini acquired by Google

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
greynet  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



More Tips to Secure Your Network
Focused on Channel Security?
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts