Earlier article to this, we talked about new exploitations, and here, another potentially large exploit if successful. Imagine, if MSN messenger (installed and used by millions) carry dangerous attack routines/payloads and misguiding/fake information within its advertisement. Sigh.
Note: The attack can be automated and a pop-up appears encouraging users to download an Antispyware program.
Article Excerpt
Microsoft IM tool carries ads for fake security product. Microsoft‘s MSN Messenger, recently renamed MSN Live Messenger, was found last week to be carrying banner advertising for the WinFixer rogue anti-spyware product. WinFixer, also known as ErrorSafe, uses fake warnings of malware infections to trick users into installing its software. Like many such rogue applications, installation may be limited to a low-grade malware scanner which blackmails victims into paying for a ‘full version’ to remove non-existent infections; more insidious rogue products also include downloader trojans to bring further unwanted adware and spyware onto compromised machines. It is thought the advertising was sneaked past the MSN Messenger screening process by replacing a clean advertising stream. While some of the ads required the user to click on them to activate the attack, others are thought to have been capable of launching without user interaction. Microsoft has issued an official apology for the breach and has removed the ads from the Messenger product. Internet Explorer expert Sandi Hardmeier has more details and screenshots at the SpywareSucks blog, here.
Anyway, there’s a cool tool that can fix ads for good!!!… http://apatch.ikhost.com/index.php
A-Patch for MSN build (8.0.0812) features are as follows:
:: Contact List – 30
Remove Windows Live Logo
Remove “Messenger” Title
Remove Display Picture Container
Remove Personal Message Bar
Remove E-mail Button
Remove Sharing Folders Button
Remove My MSN Space Button
Remove Windows Live Today Button
Remove Make a Phone Call Button
Remove Yellow Information Bar
Change Display Picture Link
Remove Contacts Personal Message
Remove Toast Display Picture
Remove Gleam Notification
Remove Advertisement
Add Always On Top Button
Remove Search Bar
Remove Display Picture in Sign-In Window
Remove Bottom Links in Sign-In Window
Remove Windows Live ID Branding
Disable MSN Spaces Contact Card Integration
Remove Color Button
Disable Song Links
Remove Emoticons from Nicknames
Remove Contact Manager Bar
— Move Contact Manager Bar to the Bottom
— Remove Extra Padding from the Contact Manager Bar
— Remove “Add a Contact” Button from the Contact Manager Bar
— Remove “Manage your Contacts” Button from the Contact Manager Bar
— Remove Contact Search Field from the Contact Manager Bar
:: Instant Message – 34
Remove Windows Live Logo
Remove Invite Button
Remove Send Files Button
Remove Web Cam Button
Remove Call Button
Remove Activities Button
Remove Games Button
Remove Block Button
Remove Color Button
Remove Search Button
Remove My Display Picture Container
Remove Font Button
Remove Emoticons Button
Remove Voice Clip Button
Remove Backgrounds Button
Remove Winks Button
Remove Packs Button
Remove Nudge Button
Remove What’s Hot Section
Remove Formatting Toolbar Separator
Change Ink Tabs to Text
Remove Advertisement
Add Custom Games
Remove Contact’s Personal Messange and E-mail (To: Bar)
Remove Web Cam Icon from Avatar/DP Containers
Remove Nudge Delay
Disable Nudge Shake
Remove Send Button
Add Send Button to Handwriting Tab
Remove Status Information Bar Remove “Get a Webcam” Link Add Always On Top Button
Remove User Is Writing Message
Remove Convert Tab
Remove “says” Text