Vulnerability: Microsoft MSN Chat ActiveX

CERT has warned a buffer overflow exists in the "ResDLL" parameter of the MSN Chat ActiveX control that may permit a remote attacker to execute arbitrary code on the system with the privileges of the current user.

This vulnerability affects MSN Messenger and Exchange Instant Messenger users. Users of Microsoft's Internet Explorer (IE) who accept and install Microsoft-signed ActiveX controls are also affected.

More information is available on the CERT website: on Microsoft:

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CERT AustraliaMicrosoftMSN

Show Comments