Are you using Windows Live Messenger? Then, you might as well be aware of the fact that Microsoft's instant messaging client is the most attacked product among its peers. Windows Live Messenger manages to expose its users to greater risk compared to those running Yahoo Messenger, or AOL Messenger. According to Microsoft, its IM client accounts for the largest community of users worldwide, almost 400 million. And in this context, it is only natural that with the largest share of the instant messaging market, Windows Live Messenger comes under a barrage of fire more so than its competitors.

Statistics provided by FaceTime Communications, a provider of security solutions, representing an overview of the 2007 malware trends, indicated the monitored instant messaging, P2P file sharing and chat applications accounting for 1,088 reported incidents in the past year.

"Threats over IM and P2P networks are occurring at an average rate of just over five unique incidents per day. Additionally, social networking sites are increasing in popularity resulting in a corresponding increase in malicious activity targeted at users of these sites", revealed Frank Cabri, vice president of marketing and product management for FaceTime.

Out of the total mass of threats, no less than 45% were using Windows Live Messenger as an attack vector. In contrast, Yahoo Messenger was affected only by 20% of the threats, while the AOL Instant Messenger network accounted for 19%. The remainder of IM networks, including private ones, reported issues amounting to just 15%.

"Most organizations are not willing to accept the security and compliance exposure resulting from the uncontrolled use of these applications. IT managers need to ensure the safe use of approved applications and effectively detect and block the rogue use of unapproved applications", Cabri added, underlying the fact that the risks are not limited to home users but expanding into the enterprise environment.

FaceTime Communications exemplified the statistics with the September 2007 MSN Virus delivering a .ZIP file full of malicious content and the November 2007 Skype Worm. The conclusion is that the most common exploit is based on social engineering schemes, using contextual language as incentive for unsuspected users to click links that subsequently serve malicious code.