Main/News >> News Archives > The week of June 05 (2005) (you
are here)
Updated Gaim addresses MSN Remote DoS Vulnerability
 dwergs says ( 11 Jun 2005 ):
Gaim is a multi-protocol instant messaging client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM, ICQ, MSN Messenger, Yahoo, IRC, Jabber, Gadu-Gadu, and Zephyr networks. Gaim users can log in to multiple accounts on multiple IM networks simultaneously.
Version 1.3.1 fixes a vulnerability recently discovered by Hugo de Bokkenrijder: "Remote attackers could cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error." The new version also addresses a similar Yahoo! flaw. Obviously, current Gaim users better download the update.
>> Download Gaim v1.3.1
NOTE: Gaim is participating in Google's Summer of Code and looking for students to work on free software projects under their mentorship. One of the ideas, for which you could receive $4500 upon completion, is the implementation of at least one other MSN file transfer protocol, one that directly connects the two clients. Interested programmers can find more info here. |
Ok, you can love Messenger again
 dwergs says ( 10 Jun 2005 ):
Following up on the Hotmail hack exposed by Alex De Vries at the beginning of this week, it seems like MSN has fixed the security flaw and brought I love Messenger back to life. Will Hotmail users be forever safe from now on? We can only hope.
UPDATE: Seems like only my regional (Belgian) version of ILM is back online. The US version still redirects to the MSN Messenger homepage. D'oh! It's back alright.
On another note, has using Hotmail become as troublesome for anyone else as it has for me? While the other day I was very happy to see the Body Search function for my 2 gig inbox re-enabled, I'm now experiencing seriously annoying "cache" problems day in day out. Stuff I delete keep showing up (especially in the case of Viagra spam that does NOT do any good to my ego) and new e-mails -of which I've been alerted through MSN Messenger toasts- don't appear at first sight. It takes a refresh or five, six and clicking a couple of links before my Inbox finally refreshes. All in all, this just makes me long for my quick 'n handy Gmail account. |
Updated: SpeedyMSN 2.0
 dwergs says ( 09 Jun 2005 ):
The final version of SpeedyMSN 2 for MSN Messenger 7 is finished. SpeedyMSN, fully compatible with Plus! and other addons, is a stripped down client making your MSN Messenger experience easier and faster. This version comes in both Dutch and English. Other changes include:
- Overall performance boost; - No Actions icons; - Removed ads, buy/pay/what's hot nags; - Removed MSN Spaces integration; - No screen-shaking when Nudged; - No flood protection for Nudges; - Etc.
>> Download SpeedyMSN 2.0.
>> Visit SpeedyMSN's home. |
We Hacked George W. Bush's Hotmail!
 dwergs says ( 08 Jun 2005 ):
I was going to make up a story here about how we gained access to George W. Bush's Hotmail account by exploiting the I Love Messenger flaw and then link to President Bush's Hotmail Inbox, but I guess it would end up being as credible as a random Comical Ali quote. And besides, Dubya doesn't even like e-mail. I kept the initial subject line though, just to mess with Echelon.
But inspired by yesterday's Hotmail hacking news, I'm launching a new competition in which I invite you to fake Hotmail accounts of world famous people just like the George Bush Inbox. Who's e-mailing Paris Hilton lately or how does Michael Jackson's inbox look like nowadays? Well, you get the idea... I'm rewarding the best parodies with Splitreason gear and other cool stuff I got lying around here.
If you recreate the HTML page, send us a link (or the zipped HTML/GIF contents). If you decide to use Photoshop, send the .PSD (not just a .GIF, .PNG or .JPG please). I'm accepting entries at parody^ (replace ^ with @). Make sure you use "Hotmail Parody" as your subject line.
UPDATE: Three entries so far. Thanks Sunith, Adex and Lou! Keep 'em coming.
[Thanks to: John] |
Dude, where's my tabs?
 dwergs says ( 08 Jun 2005 ):
Almost simultaneously Messers Rawson, Paulio and Faz reported that their tabs and dashboard buttons (My Space and MSN Today) have gone missing. In addition, links to What I'm Listening To songs in their contacts' Personal Messages have become unclickable.
While all these changes can easily be effectuated using our well-known Mess Patch, the sudden, unintentional disappearance of these features probably indicate maintenance work performed by the MSN team.
If you're experiencing the same mysterious absence, don't worry that you did something wrong... everything will undoubtedly return shortly.
Fantastic Four Featured Pack
 dwergs says ( 07 Jun 2005 ):
WARNING: Ilovemessenger flaw grants hackers access to Hotmail
 dwergs says ( 07 Jun 2005 ):
Alex de Vries, a 20 year old security enthusiast also known as Eierkoek, on Saturday discovered a major security hole in Microsoft's I Love Messenger websites. A so-called cross-site scripting flaw allowed an attacker to steal Cookies from Hotmail users and obtain access to their e-mail accounts. Microsoft immediately took down and now redirects its traffic to the main MSN Messenger website.
Microsoft claims that "Hotmail customers are no longer at risk", but we are aware of at least one other page that still contains the flaw! We can not stress it enough, but BE EXTEMELY CAUTIOUS when clicking links sent to you in e-mails or instant messages, or even on forums or regular webpages. If you ever visited I Love Messenger and just want be on the safe side, change your password and your secret question NOW.
The Hotmail and MSN flap comes within a week after Microsoft acknowledged that its South Korean MSN site had been hacked in what now appears to be an attempt to steal passwords for the popular Lineage game.
>> Hacking Hotmail by Alex de Vries: Read it here.
[Reported by: Timothy] [Source: CNET]
CustoMess Monday #3: Jumbo Animated Emoticons
 dwergs says ( 06 Jun 2005 ):
No, I did not forget! It's another CustoMess Monday and this time we're adding 10 animated smileys designed by Luke from Emoticon Monster, who already supplied 5 lovely emoticon packs before. Like most of the CustoMess content, these Jumbos are currently exclusively available through our software only. Let's all say thanks to Luke!
>> Download CustoMess for MSN Messenger 7.
>> Flashbacks: CustoMess Monday #1, CustoMess Monday #2.
THINK YOU CAN DO IT BETTER?: We're always accepting contributions for CustoMess and future CustoMess Mondays. If you designed an original set of MSN Display Pictures, bad ass MSN Backgrounds or killer MSN Emoticons, feel free to drop it in our inbox at the address below. The best of the best will be added and plugged in the news!

The King of Clay: Rafael Nadal MSN Display Pics
 dwergs says ( 06 Jun 2005 ):
In case you're wondering what I've been upto lately and why there hasn't been a single news post since Friday: I only just got back from a short trip to Paris. More specifically, I attended the spectacular Men's finals at Roland Garros. Prior to the tennis match, watched by millions and millions of sports fan worldwide, I was fortunate enough to run into Rafael Nadal's warmup with his sparring partner and his coach uncle Toni. Enough with the bragging, alright! I made MSN Display Pictures out of all the photographs I took. If you're into tennis, why don't you have a look?
>> Browse 31 Roland Garros MSN Display Pictures.
 Back to the News Archives