Dot know if it has been posted yet, no time to search now but here it goes (e-mail from dyagnosis (member at AO i think) ...

Dear MemorY None, ALERT: A Level 1 Exploit has been released.
Published: Feb 9th , 2005
Type: remote
Level: 1 - Remote root exploit on a major OS distribution.
Description: MSN Messenger PNG Image Buffer Overflow

Exploit Details:

* MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit
* Bug discoveried by Core Security Technologies (www.coresecurity.com)
* Exploit coded By ATmaCA
* Copyright �2002-2005 AtmacaSoft Inc. All Rights Reserved.
* Web: http://www.atmacasoft.com
* E-Mail: atmaca@icqmail.com
* Credit to kozan and delikon
* Usage:exploit <OutputPath> <Url>

* Tested with MSN Messenger 6.2.0137
* This vulnerability can be exploited on Windows 2000 (all service packs)
* and Windows XP (all service packs) that run vulnerable
* clients of MSN Messenger.

* After creating vuln png image, open
* MSN Messenger and select it as your display picture in
* "Tools->Change Display Picture".

More info + exploit download HERE

http://www.dyngnosis.com/Default.aspx?tabid=68