Microsoft published a security bulletin affecting the MSN Messenger 6.2 and 7.0 beta. According to security firm Secunia, the vulnerability is caused due to an error within the processing of GIF images and can be exploited by sending a specially crafted emoticon or display picture to a user.
A successful exploit enables an attacker “to take complete control of an affected system,” Microsoft acknowledged in its security bulletin MS05-022. This includes the installation of software; viewing, changing or deleting data as well as the creation of accounts with full user rights.
Microsoft provides a Messenegr update on its bulletin pages to patch the vulnerability. (THG)