Exploit for MSN Messenger flaw released on the web

Posted on Thursday, February 10 2005 @ 14:39 CET by Thomas De Maesschalck

Source code to take advantage of a security hole in Microsoft's MSN Messenger has been published on the web. Security firms suspect that the publication of this code could lead to a MSN Messenger worm or virus.

The code attacks a hole in an MSN Messenger component called "libpng," which is used to display PNG (Portable Network Graphics) files that are used to show smiley faces, buddy icons and other graphics. More than one example of code to exploit the hole was available on the Internet Wednesday, along with directions on how to use it to attack vulnerable Messenger applications. The code can cause Messenger to crash, or allow a remote attacker to run code on vulnerable Windows machines, according to a Vulnerability Alert released by Symantec (Profile, Products, Articles) Corp.

More info at InfoWorld

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!