The latest version of Microsoft’s instant messaging client is superior to its predecessor when it comes down to protecting users against malicious code that spreads itself through the IM network.
Windows Live Messenger 2009 customers should consider upgrading to Windows Live Messenger 2011, provided that they’re using Windows Vista SP2 or Windows 7, in order to take advantage of additional security mitigations capable of blocking the spreading of a self-replicating worm.
But for customers that are stuck running the Wave 3 version of Windows Live Messenger, Microsoft has taken the necessary measures to make it very hard for the worm to infect additional computers by sending links to malicious web pages to all the friends in the list of users with compromised computers.
Essentially, the software giant has switched off Active Links in Windows Live Messenger 2009. According to the Redmond company, this move is temporary.
“We’ve temporarily turned off active hyperlinks for web addresses sent in IM conversations using Windows Live Messenger 2009,” explained Microsoft’s John Scarrow
“You will still be able to copy a web address and paste it into a browser window if you know it to be safe, but by removing active hyperlinks from Messenger 2009, we’re taking a significant step towards stopping the unintentional spreading of this worm.
“Because we’ve now blocked active links in Messenger 2009, starting [Nov. 12], some customers may also see a notification in the main Messenger window warning them that some features might not be available.”
According to information supplied by Microsoft, the worm is attempting to spread not only through the Windows Live Messenger network, but also through additional IM communities.
Security enhancements in Windows Live Messenger 2011, such as Link Safety, along with the advances in user protection of Vista and Windows 7 make it more difficult for this worm to exploit the latest version of the Redmond company’s instant messaging client in order to infect new PCs.
“Messenger 2011 is not impacted in the same way, thanks to its Link Safety feature. However, we are actively monitoring the situation and investigating different approaches to help protect customers using the latest version of Messenger, should the situation change,” Scarrow stated.
The worm is designed to insert links into IM conversations. These malicious links appear to be coming from the friends in the user’s list, and as such customers are highly likely to click on them and get infected.
By disabling active links in Windows Live Messenger 2009, Microsoft no longer allows for the links inserted by the worm to be clickable.
Users can still visit the malicious web page that the links sent by the worm sends over, but they need to copy and paste the URL in the browser window.
“Normally, when Messenger sees a web address in a conversation it is turned into a hyperlink which, when clicked, automatically opens in a web browser.
“This feature makes it very easy for the malicious worm to be unknowingly installed on your computer by clicking on the link and being sent to a web site containing the malicious software.
“We’re pursuing a number of activities to help protect you, working actively with industry experts and law enforcement to help stop this criminal activity,” Scarrow added. You can download the features of the Windows Live Essentials suite here:
Windows Live Family Safety
Windows Live MeshWindows Live Photo GalleryWindows Live Movie MakerWindows Live MessengerWindows Live WriterWindows Live MailThe Bing BarSilverlightOutlook Connector Pack