Slashdot Mirror


Microsoft Instant Messenger Virus Sweeps Net

Many people have reported a Warhol virus affecting users of Microsoft Instant Messenger. If you get messaged, "Go To http://www.masenko-media.net/cool.html NoW !!!", or any similar message (apparently there are several websites with the infection code), I suggest not following the link. A brief discussion follows.

Sequence: Get messaged "Go To http://www.masenko-media.net/cool.html NoW !!!" or something similar with another URL. Follow the link. That webpage contains malicious code which gets your messenger contacts and sends a similar message to your contacts. It looks like it uses a vulnerability in formmail.pl as well, although I'm not exactly sure how (I'm not an expert in ECMAscript, sorry, and I have no systems that could possibly be affected by this to test with). I'm sure some of our readers can provide more information in the comments below.

There appear to be several webpages which carried the infected code, not just masenko-media.net. Some webmasters are already taking them down.

Sophistication: moderate. Damage: only your pride.

Solution: probably the latest mega-patch for Internet Explorer will fix the Microsoft bug that allowed this.

Risks: obviously, the code could have done worse than just messaging your contacts. With Microsoft making "messaging" an integrated part of the operating system, any flaws in it can be exploited to affect millions of people instantly, so it is a high-value target. Does it have commensurate high-strength security?

8 of 400 comments (clear)

  1. Gee... by PrimeWaveZ · · Score: -1, Troll

    Is this really a surprise? God forbid Microsoft ever tried to make medical equipment.

  2. Thank you kind sir by Breakfast+Pants · · Score: -1, Troll

    for stating the obvious.

    --

    --

    WHO ATE MY BREAKFAST PANTS?
  3. Re:this didn't infect me.. by Anonymous Coward · · Score: -1, Troll

    is there even a msn messenger for linux? I think this guy was joking, the moderator took him too seriously. really funny that microsoft news is posted to slashdot, but then again, its a bug (or a feature), so i guess it makes sense for them.

  4. FUCK OFF by Anonymous Coward · · Score: -1, Troll

    Fuck off slashdot you fucking useless asshole mother fuckers.

  5. Karma Suicide! by jeffy124 · · Score: -1, Troll

    After 600+ posts and 20 articles, my karma has been peaked at 50 for what seems like forever now. My new campaign: Karma Suicide!! Every post from now until my karma's back at zero will be this short crapflood posted with my +1 bonus. So moderators: Do your worst! You got only 17 more points to go! Mod me troll/OT/Overrated/Whatever to get my karma back to where it began. Do this ASAP! And as for the rest of you, commit karma suicide today!

    --
    The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
  6. Re:Kinda funny.. by Anonymous Coward · · Score: -1, Troll

    Was your mom the star of the porn site?

  7. Re:could be a lot worse, likely will be soon by Ooblek · · Score: 0, Troll
    Yeah, its too bad someone made such a thing as scripting languages. They are all ultra evil agents of Microsoft. Which scripting language do we abolish first? Perl? [c|ba|k]sh? ECMA? VBScript?

    Maybe if scripting languages are abolished, all the laid off techies that actually have real skills will have an easier time finding work.

    Do scripting languages prove or disprove the statement, "People are basically good?"

  8. So many holes, so little time by poemofatic · · Score: 1, Troll



    MS wrote IE.

    MS wrote Messenger.

    MS wants to bundle the two together into their OS.

    A browser is not a server.

    Linux is a kernel, not a distro.


    Your comment has too few characters per line (currently 9.1).

    --

    When in doubt, have a man come through a door with a gun in his hand.