14 February 2009

Massive MSN Messenger AKA Live Messenger Security Hole(s?)

I've heard of this happening before but didn't think it was possible, and assumed people had clicked on an OK button or something without thinking, but yesterday it happened to me!

I received a MSN Messenger message, which contained garbage, from a friend. I replied to say I couldn't read it, assuming they were using a weird font that I didn't have installed, then just after I hit the enter key to send the message a "File Save" window popped up very briefly then vanished. After that I got a window up to say "Picture can not be displayed", above an OK button. Realising something odd was happening, I powered off my computer right away.

For those of you wondering why I powered off and didn't just click the "X" in the top right of the window to close the program, that "X" in the top right of the window can be programmed to do things other than exit a program! In fact, any button can be programmed to do anything, which may or may not be what it says it will do. When it comes to suspicious software, like trojans and viruses, it is often the case that the program isn't doing what it says it is doing.

Anyway, I powered the computer back on, hoping I had stopped the malicious program in its tracks, and searched Harding-Internet for the term, '"picture can not be displayed" msn messenger torjan', to see what came up. A couple of pages confirmed I had picked up a nasty trojan that bypassed my up to date AVG anti-virus software. Not a lot of info on the trojan, so it may be a new one, which would also explain why AVG didn't pick it up. I found this info: http://www.threatexpert.com . It isn't identical to the information on my computer, but close enough to be of the same family, so I used the information to remove the trojan manually. I then rebooted and all seems well.

I have no idea what this malicious program does, but I can't take the chance of having a possible key logger on my computer because I use it for banking and other sensitive tasks, including some of my income. Better to be safe than sorry.

I know, I know, I can hear you all telling me that I shouldn't be using the dreaded malicious software magnet, AKA M$ Windows, from Microsoft. I just haven't got around to sorting out a minor issue I have with Ubuntu on my laptop. I'm also looking at Sun OpenSolaris as an alternative OS.

Anyway, I did a bit of reading up on MSN messenger and discovered that there are a few very serious security holes that would make MSN Messenger unsuitable for use on any computer other than a perhaps a games computer where no important info is stored. Those pretty Winks you get from people are written in Flash and can contain any kind of program besides pretty pictures, sounds and videos. Winks are supposed to be protected by security certificates that only allow companies approved of by Microsoft to make the Winks. A group of frustrated programmers wanting their own design of Winks and not wanting to pay $3 or more per Wink (what a rip-off!) have already found a way around the Winks security on MSN Messenger, so I guess it's only a matter of time before some serious Wink viruses are doing their rounds.

All traces of MSN Messenger and MSN Live have now been removed from my computer, so those of you wanting to chat online with me, it's about time you got a decent chat program anyway, so look me up on Skype, Gizmo, Yahoo Messenger, ICQ or Google Chat. Email me if you need my contact info for those chat programs.

Next time I'm getting an Apple Mac....

Click here for some Microsoft nicknames

Harding Internet