New exploit hits MSN Messenger
By Rene Millman,
A new vulnerability has hit the MSN Messenger service, which could allow hackers to compromise the computers of people using the service.
A bug in the application's video chat component could allow an attacker to remotely execute code on a victim's system. The flaw affects versions 6.x and 7.x of the popular instant messaging application, while the new version, called Windows Live Messenger 8.1 is unaffected.
According to an advisory put out by IT security firm Secunia, users of the previous versions of MSN Messenger should upgrade to the latest version. Micorosft also recommended the same course of action to affected users.
The flaw was discovered by a security researcher, known only as "Wushi". The vulnerability is caused due to an error in the handling of video conversations and can be exploited to cause a heap-based buffer overflow via specially crafted data sent to a user. According to the advisory, successful exploitation may allow execution of arbitrary code, but requires that the victim accepts the incoming web cam invitation.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Networking Analysis & Insight
Welcome to the stay-at-home Olympics
Inside the Enterprise: The Government has warned of disruption, and the Civil Service is practising working from home. Could IT yet save businesses from chaos on an Olympian scale?
- Q&A: Cisco on servers, storage and strategy
- It's not about the browser, stupid!
- The Great British network squeeze
- New year: new suppliers
- Top 10 tech winners and losers of 2011
- 2011: The year in news
- UK rural broadband: too little, and too late
- HP PCs back on the menu with Dellish plans
- Top 10 social networking tips for enterprise - part one
Latest Networking Reviews
Swyx SwyxExpress X20 review
Rating: 
- Ipswitch WhatsUp Gold Premium 15
- ForeScout Technologies CounterACT 6.3.4
- ThinPrint Printer Dashboard review: First Look
- TITUS Aware for Microsoft Outlook review
- Windows Phone 7 Mango review: First Look
- Dartware InterMapper review
- Kemp Technologies LoadMaster 3600 review
- Sangfor WANACC M5500 review
- Office 365 review: First look
advertisement
Most popular
- Will someone rid me of these troublesome Macs?
- Symantec hackers: We've released pcAnywhere source code
- BT considering Ofcom price cap appeal
- Google sends in Bouncer to sort out malicious apps
- ACTA: the basics, the controversies, and the future
- Trendnet firmware flaw exposes private videos
- Anonymous publishes FBI hacking call
- Head to Head: Mac OS X 10.7 Lion vs Windows 7
- VeriSign admits 2010 hack
- Nokia Lumia 710 review
PlayRegister for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
