Alert: Microsoft Tries To Head Off MSN Messenger Attack - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

05:49 PM

Alert: Microsoft Tries To Head Off MSN Messenger Attack

To head off a widespread, invisible attack, Microsoft Friday went proactive, locking out all accounts and making updates mandatory for users of its vulnerable MSN Messenger.

Microsoft Friday locked out all users of its vulnerable instant messaging client, MSN Messenger, in an attempt to prevent an exploit from invisibly sweeping through PCs running the software.

The move came just three days after Microsoft first disclosed a vulnerability in MSN Messenger, and the security firm that discovered the flaw posted proof-of-concept code. That proof-of-concept, Microsoft claimed, was then used by another, unnamed individual, to create a working exploit.

"Microsoft wants customers to be aware that exploit code is now public and urges them to patch their systems," a company spokeswoman said in an e-mail.

To prevent a widespread attack, Microsoft went proactive and made updates mandatory for MSN Messenger users.

"We have restricted access to the MSN Messenger service to updated versions only," Microsoft wrote in a security bulletin posted on its Web site Friday. "Users who try to sign in with outdated versions are automatically prompted to update their software."

Users with a version of MSN Messenger earlier than 6.2.0205 must update to that edition, or the beta of MSN Messenger 7.0, before they're able to log on.

The vulnerability is insidious, according to Boston-based Core Security Technologies, the company that uncovered the bug and first alerted Microsoft in August 2004.

All that's necessary to trigger a buffer overflow vulnerability in a computer running MSN Messenger is a specially-crafted buddy icon, Core claimed. Once the buffer overflow's generated, the hacker could "surreptitiously take over machines running the instant messaging software. The attack would travel through the established chat session and would pass unnoticed by firewalls, network intrusion detection systems, and even host-based personal firewalls and anti-virus software."

"This is a critical security flaw since it directly affects more than 130 million users and because the attack is very likely to go unnoticed by the several layers of security countermeasures commonly used today," said Ivan Arce, the chief of technology at Core, in a statement earlier this week.

Microsoft blasted Core for publishing proof-of-concept code on its Web site Tuesday, the same day Microsoft made public the flaw and urged users to update MSN Messenger. Core's proof-of-concept included a malformed image file that would compromise vulnerable PCs.

"Microsoft is concerned that the publishing of proof-of-concept code within hours of the security updates being made available has put customers at increased risk," it said in the advisory.

"This kind of action really is not good for customers and goes against industry standards," the spokeswoman said.

Besides blocking vulnerable versions of MSN Messenger, Microsoft also updated its instructions for both individuals and enterprises on protecting systems from the exploit.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll