Thanks Thomas for sending in this news of a patch for MSN Messenger (all versions prior to 4.7)
Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)
Who should read this bulletin: All customers using the Microsoft® MSN Chat control, which is available for direct download and ships with MSN Messenger and Exchange Instant Messenger.
Impact of vulnerability: Run Code of Attacker's Choice
Maximum Severity Rating: Critical
Recommendation: Customers who did not install the updates when they were originally released should install the upgraded updates immediately;
customers who installed the original updates should consider installing the upgraded updates.
Affected Software:
- Microsoft MSN Chat Control
- Microsoft MSN Messenger 4.5 and 4.6, which includes the MSN Chat control
- Microsoft Exchange Instant Messenger 4.5 and 4.6, which includes the MSN Chat control
View: ReleaseID=39632
News source: Microsoft Security Bulletin MS02-022