SANSSecunia has reported an unfixed, unconfirmed remote code execution vulnerability in MSN Messenger’s Video Conversation functionality. An exploit appears to be available of which the description states it will cause a Denial-of-Service attack on MSN Messenger, and likely allows remote code execution on Win2k SP4 Chinese. If accurate, an offset change is likely all that is needed for this to work on other language releases.
According to the report, Windows Live Messenger 8.1 and higher are not affected. While Microsoft has not yet officially confirmed this vulnerability, we advise users not to accept untrusted video conversation sessions at this time.
This forum is for related Instant Messaging threats for all IM clients
1 post • Page 1 of 1
- Site Admin
- Posts: 15995
- Joined: Fri Jan 28, 2005 5:16 pm
- Area Of Expertise: Security
- experience: I know the functions, OS settings, registry tweaks and more
- PC time: What else is there in life?
- Location: PHX, AZ
Users browsing this forum: No registered users and 2 guests