----------------------------------------------------------------------

TITLE:
Microsoft Windows Messenger ActiveX Control Vulnerability

SECUNIA ADVISORY ID:
SA31446

VERIFY ADVISORY:
http://secunia.com/advisories/31446/

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data, Exposure of sensitive information

WHERE:
From remote

SOFTWARE:
Microsoft Windows Messenger 5.x
http://secunia.com/product/40/
Microsoft Windows Messenger 4.x
http://secunia.com/product/617/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows Messenger, which
can be exploited by malicious people to gain knowledge of sensitive
information.

The vulnerability is caused by the Messenger.UIAutomation.1 ActiveX
control being marked "safe-for-scripting", which lets web content
script it. This allows changing state, obtaining contact information
and a user's login ID, logging on remotely to a user's Messenger client
as the user, and initiating audio and video chat sessions without user
interaction.

SOLUTION:
Apply patches.
-- Windows Messenger 4.7 --

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=8f588f7e-c4ed-42a0-b157-54b1eda60474

Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=a5fc5457-832f-4ee8-be60-4cc8518d1c10

Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=302315a8-ccb2-47c2-9104-b8e1d1f49aa0

Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=be94d138-7d7b-489e-baa6-e214950be6b9

Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyID=e4b72618-536b-4a21-bd91-d91be9ca24e5

-- Windows Messenger 5.1 --

Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774

Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774

Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774

Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774

Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyID=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Haifei Li, Fortinet.

ORIGINAL ADVISORY:
MS08-050 (KB955702):
http://www.microsoft.com/technet/security/Bulletin/MS08-050.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------
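As an added verification aid (not part of the Secunia advisory or of Microsoft's bulletin), the following PowerShell script checks a host for the control named in the DESCRIPTION above: whether Messenger.UIAutomation.1 is registered, whether its CLSID carries the registry "safe for scripting/initialization" component-category markings, and whether Internet Explorer's kill bit has been set for it. It assumes the standard COM registry layout; the category GUIDs are the documented CATID_SafeForScripting and CATID_SafeForInitializing values, and the kill bit is the documented "Compatibility Flags" 0x400 entry.

```powershell
# Added example, not from the advisory: audit the Messenger.UIAutomation.1
# ActiveX control on the local machine. Run in an elevated PowerShell.
$progId = 'Messenger.UIAutomation.1'
$safeForScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'  # CATID_SafeForScripting
$safeForInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'  # CATID_SafeForInitializing

# Resolve the ProgID to its CLSID via HKCR\<ProgID>\CLSID (default value).
$clsidKey = "Registry::HKEY_CLASSES_ROOT\$progId\CLSID"
if (-not (Test-Path $clsidKey)) {
    Write-Output "$progId is not registered on this system."
    return
}
$clsid = (Get-ItemProperty -Path $clsidKey).'(default)'
Write-Output "$progId resolves to CLSID $clsid"

# Registry-based safety markings live under Implemented Categories.
# Caveat: a control can also report safety at runtime through IObjectSafety,
# so a missing category key alone does not prove the control is unsafe-marked.
$catKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\Implemented Categories"
$markedSafeScript = Test-Path "$catKey\$safeForScripting"
$markedSafeInit   = Test-Path "$catKey\$safeForInitializing"
Write-Output "Registry-marked safe for scripting:      $markedSafeScript"
Write-Output "Registry-marked safe for initialization: $markedSafeInit"

# Kill bit: IE refuses to instantiate the control when bit 0x400 is set here.
$killKey = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
$flags = 0
if (Test-Path $killKey) {
    $flags = [int](Get-ItemProperty -Path $killKey).'Compatibility Flags'
}
$killBitSet = ($flags -band 0x400) -ne 0
Write-Output "Kill bit set (Compatibility Flags 0x400): $killBitSet"

if (-not $killBitSet) {
    Write-Output "No kill bit for $clsid: confirm the MS08-050 (KB955702) update is installed."
}
```

On 64-bit hosts the 32-bit Internet Explorer reads the same key under Wow6432Node, so repeat the kill-bit check there if a 32-bit browser is deployed.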