Windows Live Messenger Flaw Fixed

This forum is for related Instant Messaging threats for all IM clients

Moderators: Admin Team, Moderators

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Windows Live Messenger Flaw Fixed

Postby TeMerc » Tue Jun 19, 2007 9:21 am

By Jeremy Kirk

June 19, 2007 — IDG News Service (London Bureau) — Microsoft Tuesday fixed a bug in its Windows Live ID registration that let users deceptively register a false e-mail address.

The false e-mail address could then be used as an ID for Microsoft's Live Messenger program, which could trick users into thinking they are chatting with someone who is not whom he appears to be, such as steveballmerATmicrosoft.nl.

Erik Duindam, a Web developer in Leiderdorp, the Netherlands, reported the problem to Microsoft on Monday. Microsoft acknowledged it had fixed the bug but did not have further information on the flaw's impact.

It's unclear how long the flaw may have existed or how many accounts with deceptive instant-messenger IDs could have been created. Duindam said a fake ID he created was still active on Tuesday morning.

nwz CIO

digit Digg It!
Image

Return to “IM Threat Center”

Who is online

Users browsing this forum: No registered users and 2 guests