WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Security Hole Found in MSN Messenger
Critical flaw in Microsoft's chat and IM tools could allow attacker to run code on vulnerable PCs.
Sam Costello, IDG News Service
A security hole deemed "critical" by Microsoft could allow an attacker to run code of their choice on a vulnerable PC by exploiting a problem in Microsoft's MSN Chat, MSN Messenger, and Exchange Instant Messenger products, Microsoft says in a security alert Wednesday. The company has patched the vulnerability.
The vulnerability comes in an ActiveX control that allows users of MSN Chat, Messenger, and Exchange Instant Messenger to group together in a single "space" to chat in real time, Microsoft says.
A buffer overflow in the component could allow an attacker to assault the flaw and run any code against vulnerable machines, Microsoft says. An attacker could also exploit the vulnerability using a malicious Web site or through e-mail formatted in HTML, the Redmond, Washington, company says.
The ActiveX component that allows the chat feature is included with MSN Messenger 4.5 and higher and Exchange Instant Messenger, Microsoft says. MSN Chat users and Windows XP users, however, would only be vulnerable to the bug if they had downloaded and installed the chat component separately, Microsoft says.
E-Mail Protection
E-mail users are protected if they have downloaded the Outlook E-Mail Security Update or are running Outlook 2002 or Outlook Express, the company says.
More information about the vulnerability, and a patch to repair it, are available on Microsoft's Web site.
Microsoft's chat problem comes three days after the announcement of a security hole in rival America Online's Instant Messenger application that could have allowed attackers to run programs of their choice. That flaw has since been patched by AOL.
With HP wireless printers, you could have printed this from any room in the house. Live wirelessly. Print wirelessly.
PCW's Mobile Life Guide
Laptop Showcase
Related Web Articles
- Jott Voice-to-Text Revisited Big changes to the voice-to-text service provide more features for the mobile professional--for a price.
- A Decade of Internet Superstars: Where Are They Now? Whatever happened to the Evolution of Dance guy or that kid who loved Britney Spears so much he cried for her under his sheet? We'll fill you in on what happened to them and other Web celebrities when their 15 minutes of fame ended.
- LinkedIn: The Network Effect Revisited You've signed up for LinkedIn, because everyone says it's the primary business social network. But to whom should you connect? According to a few power users, there are a few common approaches, most of which are different than what you'd do on Facebook.
- Why Citizen Journalism Doesn’t Work Steve Jobs is not dying -- but fact-checking is on life-support.
- Usenet: Not Dead Yet Usenet, a source of community and file exchange for many long-term users, is now being targeted by some of the major ISPs. Is it on its last legs?
- Web Demo: Discover the Benefits of VoIP Is your company looking for a world class VoIP communications solution that will meet all of your business requirements? If so, join us for our Live Online Demo where you will receive a "guided tour" to the AltiGen Solution.
- PC World Webcast: Going Green Wondering how to make your business greener? These tips will help your business save money, and save the environment.
- A Windows Vista FAQ Corporate customers are deploying Windows Vista now, and Dell Services wants to help you understand the features of the new OS and how to plan your Windows Vista deployment.
PC World's Marketplace
PC World's Free Whitepapers
