Vista ARTICLES TOP 50 Spyware Virus Vista SOFT Vista HELP

MSN Messenger Buffer Overflow Makes Webcam Sessions Dangerous

Severity: Medium

11 September, 2007

Summary:

Today, Microsoft released a bulletin describing an important security vulnerability affecting MSN Messenger and Windows Live Messenger. By enticing one of your users into accepting a malicious webcam invite, an attacker could exploit this vulnerability to potentially gain complete control of that user’s computer. If you use MSN Messenger or Windows Live Messenger in your network, you should download, test, and deploy the latest version as soon as possible.

Exposure:

Microsoft’s security bulletin describes a vulnerability affecting MSN Messenger 6.2, 7.0, 7.5, and Windows Live Messenger 8.0. The flaw stems from a heap buffer overflow vulnerability in the code used to handle webcam and video chat sessions. We mentioned this vulnerability in an August Wire post, but Microsoft hadn’t patched it at that time. If an attacker can entice one of your users into accepting a specially crafted webcam invite, she can exploit this flaw to execute code on the user’s computer, with that user’s privileges. As always, if your users have local administrative privileges, attackers could exploit this vulnerability to gain complete control of their machines.

Solution Path

Microsoft has released new versions of MSN Messenger and Windows Live Messenger to fix this vulnerability. If you use either of these instant messaging clients, download and deploy the latest version of Messenger as soon as you can.

WatchGuard does not recommend the use of normal (insecure, unencrypted) Instant Messenger clients. If your organization does not require MSN Messenger, but users keep sneaking it in, check the Workarounds section of Microsoft’s bulletin for techniques you can use to block all Messenger traffic. In our experience, these workarounds are not 100 percent effective, but they might prove useful enough to discourage your unauthorized Messenger users.

For All WatchGuard Users:

If you allow MSN Messenger connections through your firewall, this flaw affects you and we recommend you download, test and install the patch above. However, you can also configure your WatchGuard Firebox to deny MSN Messenger traffic and thereby mitigate the risk of this vulnerability. For more details on blocking MSN Messenger traffic with your Firebox, read this FAQ.

Status:

Microsoft has released patches correcting these issues.

References:

Microsoft Security Bulletin MS07-054

Popularity: 1%

Written by bardissi. Read more great feeds at is source WEBSITE
no comments.
Read more articles on Student Computing and MSN Messenger and Windows 2000 and Microsoft and Non-Profit Technology and Windows XP and Business Computer Support and Home Computer Support and Windows Vista.

[+] Digg: Feature this article
[+] Del.icio.us: Bookmark this article
[+] Furl: Bookmark this article

Maxtor Basics Personal Storage 3200 (November 12th, 2007)
Seven Quicktime Buffer Overflows Affect Windows, Mac OS X (November 6th, 2007)
Lavasoft: FTC Brings Down Spyware Op (November 5th, 2007)
Lavasoft: Bypassing Bogus Security Software (November 5th, 2007)
Important Notice of Apple MacBooks from Retrodata (October 30th, 2007)

No comments

There are still no comments on this article.

Leave your comment...

If you want to leave your comment on this article, simply fill out the next form:

You can use these XHTML tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong> .