I posted last week about a security flaw in AOL's Instant Messaging program that was spreading trojans like wildfire. Well, the hackers didn't want Microsoft IM users to feel left out, apparently. MSN IM users have their very own security flaw that is being exploited.
Russian anti-virus and security vendor Kaspersky wrote Friday about an increase in spyware attacks on MSN Messenger users, an attack that succeeds in part due to a flaw in Microsoft's approach to blocking transfers of certain types of malicious files.
Last week, two out of three of the most active worms spread over MSN's instant messenger program, according to Kaspersky Labs. Microsoft at some point configured its Messenger network to block transfers of files ending in ".pif," responding to a rash of viruses, worms and trojans that disguised themselves as .pif images. By doing so, Microsoft sought to halt the progress of IM worms that spread rapidly to each of a victim's contacts after the recipient clicks on an exploit-laced Web link.
So why was Kaspersky saying new infections from the two MSN IM worms were "peaking above the radar to an extent you can probably call epidemic levels"? According to Kaspersky, both MSN worms that surfaced this week had devised an inscrutable guise for their exploits — they came masked as ".PIF" files.
It turns out the "fix" MSN applied is case sensitive. Whoops. I personally refuse to use IM programs at all, for just this reason.
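The case-sensitivity gap described above, shown as an added example that is not part of the original post and is not Microsoft's filter code: a case-sensitive suffix check next to a check that case-folds the final extension before comparing, plus an allowlist variant. The function names, the allowlist contents and the sample filenames are assumptions constructed for illustration.

```python
import os

BLOCKED_EXTENSIONS = {".pif"}                   # the extension the post says was blocked
ALLOWED_EXTENSIONS = {".txt", ".jpg", ".png"}   # hypothetical allowlist for comparison


def naive_is_blocked(filename: str) -> bool:
    """Case-sensitive suffix match: the flawed behaviour the post describes."""
    return any(filename.endswith(ext) for ext in BLOCKED_EXTENSIONS)


def extension_of(filename: str) -> str:
    """Final extension, case-folded so '.PIF', '.Pif' and '.pif' compare equal."""
    base = os.path.basename(filename.replace("\\", "/"))
    return os.path.splitext(base)[1].casefold()


def hardened_is_blocked(filename: str) -> bool:
    """Blocklist check on the normalized extension."""
    return extension_of(filename) in BLOCKED_EXTENSIONS


def allowlist_permits(filename: str) -> bool:
    """Default-deny alternative: only known-safe extensions pass."""
    return extension_of(filename) in ALLOWED_EXTENSIONS


# Constructed sample filenames, not taken from any real incident.
SAMPLES = ["holiday.pif", "holiday.PIF", "holiday.Pif", "notes.txt", "photo.JPG"]


def audit(samples):
    """Return per-file verdicts and the names the naive filter fails to block."""
    rows = [(n, naive_is_blocked(n), hardened_is_blocked(n), allowlist_permits(n))
            for n in samples]
    missed = [n for n, naive, hardened, _ in rows if hardened and not naive]
    return rows, missed


if __name__ == "__main__":
    rows, missed = audit(SAMPLES)
    for name, naive, hardened, allowed in rows:
        print(f"{name:12} naive_block={naive!s:5} hardened_block={hardened!s:5} "
              f"allowlisted={allowed}")
    print("missed by case-sensitive filter:", missed)
```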



