Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Instant Messenger Virus Sweeps Net

Posted by ryuzaki0 on from the RISKs-of-homogeneous-computing dept.

Many people have reported a Warhol virus affecting users of Microsoft Instant Messenger. If you get messaged, "Go To http://www.masenko-media.net/cool.html NoW !!!", or any similar message (apparently there are several websites with the infection code), I suggest not following the link. A brief discussion follows.

Sequence: Get messaged "Go To http://www.masenko-media.net/cool.html NoW !!!" or something similar with another URL. Follow the link. That webpage contains malicious code which gets your messenger contacts and sends a similar message to your contacts. It looks like it uses a vulnerability in formmail.pl as well, although I'm not exactly sure how (I'm not an expert in ECMAscript, sorry, and I have no systems that could possibly be affected by this to test with). I'm sure some of our readers can provide more information in the comments below.

There appear to be several webpages which carried the infected code, not just masenko-media.net. Some webmasters are already taking them down.

Sophistication: moderate. Damage: only your pride.

Solution: probably the latest mega-patch for Internet Explorer will fix the Microsoft bug that allowed this.

Risks: obviously, the code could have done worse than just messaging your contacts. With Microsoft making "messaging" an integrated part of the operating system, any flaws in it can be exploited to affect millions of people instantly, so it is a high-value target. Does it have commensurate high-strength security?

4 of 400 comments (clear)

  1. Darn, too late by Guspaz · · Score: 0, Offtopic

    Just submitted a lengthy story about this. Oh well. On another note, have you signed the futurama petition? Fox is canceling it. http://www.petitiononline.com/futufu/petition.html PS: First comment? By me? Wow!

  2. Re:interesting article on the reg by calags · · Score: 0, Offtopic

    You know a really virulent virus is coming when Microsoft insiders sudden sell as much MS stock as they can. Just like the Enron higher ups they'll cut and run.

    This brings up a question: If a real devastating security flaw is reported to them; they keep mum about it and then a massive security breach occurs that wipes out most MS OS machines out there (you know it's bound to happen :) does that mean that the SEC can move on them due to insider information?

    --
    Never attribute to stupidity what can be construed as a monopoly preservation tactic.
  3. What is .NET? by bahwi · · Score: 1, Offtopic

    What is .NET?

    Well, here's the answer. =)

  4. source code by daverr · · Score: 0, Offtopic

    where can I get the source code? I love learning about how virus' work and how they control apps remotely