Sharing folders in WLM 8.1 vulnerable to buffer overflow

Even though the recent webcam vulnerability in MSN/Windows Live Messenger was only just addressed, another exploitable bug has already surfaced. This time it's a buffer overflow error that affects the Sharing folders feature in Windows Live Messenger 8.1 (and maybe other versions) running on Windows XP. The safety of the Sharing folder feature got questioned […]

Share online:

Even though the recent webcam vulnerability in MSN/Windows Live Messenger was only just addressed, another exploitable bug has already surfaced. This time it's a buffer overflow error that affects the Sharing folders feature in Windows Live Messenger 8.1 (and maybe other versions) running on Windows XP.

The safety of the Sharing folder feature got questioned before, but we now have a concrete example of how it can be abused. A Spanish security expert going by the name of Lostmon Lords has discovered that an attacker can cause a Denial-of-Service (DoS) or even execute arbitrary code in Windows Live Messenger 8.1 by means of a specially crafted jpg, wmf, gif, ico or doc-file.

blue screen of deathThe attacker can "Create a sharing folder" for its victim and then put the malformed file into the physical location of that folder on his hard drive (My Computer > My Sharing Folders > victim@hotmail.com). Note that if the attacker would drag & drop the file directly into the Messenger window, his own client would crash. Considering that the victim has accepted the sharing folder, the attacker can simply click the sharing icon to crash Windows Live Messenger, or even Windows XP entirely when the process isn't terminated in time. The victim then needs to delete the sharing folder entirely to cease the exploitation.

The vulnerability was discovered on the 20th of August 2007 and reported to Microsoft on the 23rd. The company responded one day later that it will address the issue in "the next service pack". Although there have been no reports yet of actual exploitation via this method, you should note that in order to protect yourself you should avoid sharing folders with contacts you don't trust.

Microsoft, MSN, Windows Live, Messenger, Windows Live Messenger 8.1, Vulnerabiluty, Flaw, Bug, Exploit, Buffer overflow

Source:? Mess.be

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he’s engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.