MSN Messenger 7 Beta, exploited
Results 1 to 8 of 8

Thread: MSN Messenger 7 Beta, exploited

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    MSN Messenger 7 Beta, exploited

    As MSN Messenger 7 goes into private beta, Neowin has learned of several exploits resulting in the "winks" feature of MSN Messenger 7. A Neowin member wishing to remain anonymous has alerted us that users can generate their own flash movies and send them across MSN Messenger. As flash movies can open other things on the system such as Internet Explorer, this could be fatal. As MSN Messenger 7 is only beta and isn't available publically this isn't a major exploit but it does show that added features to a product like this makes it less secure and more open to attack/exploit.

    MSN Messenger 7 is beta and is available in copies floating around the internet. We strongly advise members not to use the current beta until this flaw has been resolved. MSN Messenger 7 effectively opens your system up to allow a hacker to run numerous tasks on your machine.
    Source : http://www.neowin.net/

    The Beta was release YESTERDAY and it's allready exploited! How pathetic!
    -Simon \"SDK\"

  2. #2
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    isn't that why beta test? the idea is to throw it at a mixed group.. and different imaginations and see what breaks..
    ... mind it is a chuckle to hear..

    Thanks for the info SDK.. always appreciated..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  3. #3
    Developer Extraordinar
    Join Date
    Jul 2002
    Location
    Internets
    Posts
    571
    Ouch, that doesn't look good for MSN7, I've used it, and it seems pretty good, mind you that the "Nudge" feature is stupid. Amoung other things, personally, I think it could do without the "Wink" feature, and and "Nudge" feature, but other than that, it looks like a nice upgrade... I just wish aMSN was close to it like that, or anything that I could use in Linux for MSN for that matter....

    microburn
    Come to UnError.com

  4. #4
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Originally posted here by Und3ertak3r
    isn't that why beta test? the idea is to throw it at a mixed group.. and different imaginations and see what breaks..
    ... mind it is a chuckle to hear..

    Thanks for the info SDK.. always appreciated..

    Cheers
    I had hope that Microsoft Trustyworthy Computing would at least show some result in other program other that Windows and Office! Look like MSN Team need to take some programming security class!
    -Simon \"SDK\"

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ahhh... The impatient society.... using _instant_ messengers.... What's wrong with AO or PMs? I can have an "instant" conversation here with anyone... I have had regularly.... Through a more "controlled" environment.... If I want it _that_ "instant" and the conversation is important I will give my phone number.... How hard is that?

    I just don't get the whole IM/ICQ thing.... Guess I'm old....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    You still talk about ICQ? Man, you're old!!
    -Simon \"SDK\"

  7. #7
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    Hey watch it AO French Antique News Whore.......it was only in the last year or so I finially dumped ICQ. And that was because AOL had bought them. (although it has been several years since I have used ICQ)
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  8. #8
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Microsoft delays IM beta over security concerns

    Microsoft delays IM beta over security concerns

    Microsoft confirmed on Thursday that it has suspended the beta release of MSN Messenger 7.0 because of a potential security hole affecting one of the program's features.

    The security concern stems from a feature called "winks," essentially Flash-based animated buddy icons with sound effects that users can send to one another. Apparently hackers can exploit the hole to send their own unauthorized winks to people, causing a "security problem" for the recipient, a Microsoft representative said.

    Because of this discovery, Microsoft will pull the winks feature when it releases the MSN Messenger 7.0 beta next week. The software giant had planned to release the beta this week.

    The winks feature was developed by Microsoft's IM development team Threedegrees. The group, largely consisting of recent college graduates, was formed in 2001 as part of Microsoft's efforts to develop services targeting 18- to 24-year-olds, or what the company calls the "Net generation." IM is central to these efforts, since the software has become a popular way for young Net users to socialize and interact.

    Threedegrees services have made their way onto the current version of MSN Messenger, but their presence has been under the radar. MSN Messenger users can find links to download Threedegrees services, along with features that let groups of people share digital files such as music and photos.

    In fact, Microsoft hopes to make Threedegrees' collaboration services useful as a way to share song playlists, while integrating features from its MSN Music store.

    A version of MSN Messenger 7.0 beta leaked onto the Web last week, revealing other features, such as personalization tools and areas dedicated to MSN Search.
    Source : http://news.zdnet.com/2100-9588_22-5401516.html

    That a nice move by Microsoft!
    -Simon \"SDK\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •