Skip to content

Channel Register

MSN Messenger flaw creates web cam peril

30 Aug 2007 10:12

Upgrade or be own3d

SlashdotDiggdel.icio.usReddit
® [Printer] [Mobile]

A vulnerability in MSN Messenger poses a severe risk of compromise for users of older versions of the software who accept untrusted web cam sessions.

Security bugs involving the handling of video conversations (web cam streams) by some versions of Microsoft's chat client create a means for hackers to inject hostile code onto vulnerable systems. Hackers first need to trick potential marks into accepting an incoming Web Cam invitation, before launching specially malformed data streams.

The heap-based buffer overflow vulnerability affects MSN Messenger version 7 and below. No immediate patch is available for older versions of MSN Messenger. Exploit code for this vulnerability is publicly available, security clearing house CERT warns, a factor that makes launching an attack far more straightforward.

Users are encouraged to upgrade to Windows Live Messenger 8.1 or later, which is immune from the vulnerability. ®

Track this type of story as a custom Atom/RSS feed or by email.
Previous Article Next Article
Whitepapers Jobs

Breaking Hardware News

triangular warning sign featuring exclamation mark

San Jose decides it's 'Visual Computing Week'

And just where does that leave National Bowling Week?

The heat rising from San Jose isn't merely an effect of a convention center full of GTX 280 cards being flipped on at once. Nvidia's decision to host its inaugural computing conference, Nvision 08, this week in the company's home town has fanned the flames of passion inside city officials.

Related Whitepapers