This is just an F.Y.I. If you use a version of Windows Live Messenger or MSN Messenger other than the most recent Live Messenger version 8.1 on Windows XP or Vista, you’re going to be forced to upgrade within the next few weeks. The security PM for Windows Live Messenger, Anand says the reason behind the upgrade is because "There is a security vulnerability in the earlier versions – MSN Messenger 6.2, 7.0, 7.5, and Windows Live Messenger 8.0."
According to security bulletin MS07-054: "Vulnerability in MSN Messenger and Windows Live Messenger Could Allow Remote Code Execution (942099). This vulnerability, which has been fixed in 8.1 and the beta version 8.5 could allow remote code execution when a user accepts a webcam or video chat invitation from an attacker. An attacker who successfully exploited this vulnerability could take complete control of the affected system."
For some of you, this isn’t a big deal because you already keep up with the latest versions, however, for others of you, this means change is in store. If you’re using MSN messenger, particularly version 6.2, it was last updated back in 2005 and it’s quite a bit different in terms of its interface and some of the features. In general, anyone unfamiliar with the new Live Messenger (compared to MSN messenger) will have to get used to it.
The reason behind the mandatory upgrade is a security vulnerability, so Microsoft needs to find a way to keep their users safe. When they start the upgrade process, any user who has an older version will be guided through updating to the latest version. They will not be allowed to log in until they’re using 8.1. To me at least, this mandatory upgrade really doesn’t seem like it’s an issue, however it is for others. In fact, there’s a petition (although it only has 31 signatures at the moment) found here asking that the mandatory upgrade be withdrawn because "many members dislike the Windows Live version, and wish to stay with their MSN Messenger version. Shouldn’t members be allowed to choose what they want, even knowing there is a security risk?"
So what do you think? Should users simply be informed that there is a security risk and then be allowed to choose whether or not they want to make the upgrade? Or is Microsoft right for forcing everybody to upgrade to their most recent, most secure version?
Source: LiveSide
Enjoyed the post? Subscribe to our feed to get a daily dose of CyberNet!
Tags: Software, Messengers, Microsoft, MSN, Windows Live Messenger
Related Posts:
- Windows Live Messenger 8.0.0566 Released With New Interface
- Windows Live Messenger Available To The Public
- Windows Live Messenger And Yahoo Tie The Knot
- Messenger Plus! Live Soon To Be Released?
- Windows Live Messenger Release Date Incorrect
This kind of thing is why I use Pidgin!
What is not mentioned here that new version will expectedly be putting more load on the system resources. While this is a no-issue for newer machines, it might make a difference for some one using a 4 yr old machine like me.
Well atleast this time no-one will be complaining that M$ did not do enough to fix the vulnerability. But i do think that they went overboard just a lil bit.
I booted up my PC this evening and was prompted to upgrade. I was running 8.0 up until 2 hours ago, the only reason was that 8.1 randomly froze on me. I am yet to see this happen this evening so I am hoping this has been fixed in a later build of 8.1 (although I can’t find anything relating to this online).
I hear ya…Pidgin or Meebo!
Yeah, I would say they went overboard. I acutally can’t remember the last time I was forced to upgrade an application if I wanted to continue using it.
If 8.1 doesn’t solve your problem you could always try 8.5 Beta.
They may be going overboard, but generally if people see “stick with what you’ve got” or “change” they choose the former. The most popular commercial AV packages are ones that basically take complete control, making you do a lot of work to shut them up for good, stopping you doing things like open virus exes. Generally if there’s a big off switch people press it to avoid the hassle. This is why M$ pushes updates automatically for Windows and doesn’t green light your system unless you choose the full-auto option. At the end of the day people should either get used to change or learn to find their own software – I’m loving Pidgin, even if it isn’t quite as good at managing my email as Google Talk was (and file transfers don’t work). Beats using WLM anyway.
If Pidgin could get the file transfer thing to work then I could use it more. I tried to switch to completely switch to it, but too many people send me files through messenger. The switch made it more of a hassle than anything.