IE beta 7 & MSN Messenger
-- Microsoft Releases IE 7.0 Beta Designed for Security(15 February 2005) Mike Nash, corporate vice president of Microsoft's Security Business & Technology Unit, discusses the security enhancements in the version of Internet Explorer and then announces the beta of IE 7.0, a browser designed for safer browsing. http://www.microsoft.com/presspass/features/2005/feb05/02-15Updates.aspAND...
--MSN Messenger Exploit Published; Microsoft Makes Updates Mandatory
(11/9 February 2005)
Code for exploiting a libpng vulnerability in MSN Messenger has been
published on the Internet. Several examples of the code have been
discovered, along with directions on how it can be used to cause MSN
Messenger to crash or to run code remotely. Microsoft released a patch
(MS05-009) for the critical vulnerability on Tuesday, 8 February and
recommends that customers download and apply it as soon as possible. On
Friday, 11 February, Microsoft began restricting MSN Messenger service
to those with updated versions: MSN Messenger 6.2.0205 or the beta of
MSN Messenger 7.0.
http://www.infoworld.com/article/05/02/09/HNexploitmsn_1.html?SECURITY
http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx
http://www.techweb.com/wire/security/60400328
Microsoft's link: http://www.microsoft.com/security/incident/im_info.mspx
[Editor's Note (Tan): This is a good move by Microsoft to force those
clueless users to upgrade. It will be better if Microsoft could take a
further step by working with Internet service providers to ensure users'
systems are forced to patch with this approach.]