Thursday, July 13, 2006

Security risk in Windows Live Messenger!!!

Do you save your password within Windows Live Messenger so that you don't have to enter it every time you want to sign in? Well if you do, you probably shouldn't!

Over at Fanatic Live, Doggie, TheSteve and Psyko have discovered that with only a few lines of code a hacker could gain access to any passwords saved through/for Windows Live Messenger. This can be done due to a problem in the way that Messenger stores your password - everything is stored in plain (unencrypted) text!

Find out how you can access your passwords (on your local computer only) in this thread at the Fanatic Live forums.

Thread (including code) at Fanatic Live forums


Update:

My son John A. went and checked it out and here is what he said.

John A. said:
OK, not just anyone can do it...
John A. said:
Has to be done on the local computer.
K. John said:
Good, what did you find out?
John A. said:
and you have to have some skill with Microsoft Visual C++ 2005 Express

John A. also said that there are other ways to use this exploit but it looks like they have to be done from the local computer.

No comments: