Mandatory update to Windows Live Messenger 2009 explained
Posted by absorbation on Fri 13 Nov 2009 (20:19 GMT) (8487 views)
Over the past couple of months Microsoft have been rolling out prompts to optionally upgrade to Windows Live Messenger 2009 while discontinuing support for older versions of their popular IM client. This is common practice and the schedule has been published well in advance. As ever with these updates there have been a series of requests to keep using an older version of Messenger and this post is an attempt to persuade otherwise.


Why do I have to update?

Quiet simply, older versions of Windows Live Messenger have several security holes, bugs and compatibility issues. In order to keep the service running smoothly Microsoft aims to keep its users using the latest versions of MSN/ Windows Live Messenger.


Can I still use Windows Live Messenger 8.1 or 8.5?

Officially no. If you attempt to sign in using either version a message will be displayed asking you to update and the sign-in process will be terminated. However, it is still possible to "trick" the servers into thinking you're using a newer version of Messenger. You can read some instructions on how to do that here. This however is highly unrecommended as you are exposing yourself to many security threats as explained by this Micrsoft Security Advisory (973882) article.


What are the problems with using an outdated version?

Messenger expert and enthusiast CookieRevised, who has voiced strong concerns over users attempting to use older and unsupported versions of Windows Live Messenger had this to say:

There is actually no reason why you should not update... except for the looks maybe (but that can be altered with Plus! skinning). Moreover, not updating means that you will be vulnerable to possible bugs, and even worse, security issues.




Common problems and solutions

Many thanks to MeEtc over at the Messenger Plus! Forums for supplying this information.

I get an error saying "Windows Live Communication Platform has encountered an Error" and Messenger will not run.
Windows Live Support has found a fix for this issue and posted it on their blog: http://messenger-support.spaces.live.com/blog/cns...8B853F!15941.entry

I don't like how the new version looks. How can I change it?
There are a few ways that the interface has changed. First is the addition of scenes. When a conversation window is open with a contact, their scene and background colour will automatically be applied. This can be changed by going to Tools > Options and select "Use Default Scene" from any conversation window.
Second, using a Messenger Plus! skin can change the interface completely.



Microsoft investigating 'Thousands of Hotmail passwords leaked online'
Posted by chris on Mon 05 Oct 2009 (18:39 GMT) (31297 views)
Microsoft are today investigating a report by technology website Neowin.net that over 10,000 Hotmail account passwords have been posted online, through the debugging website pastebin.com. According to the technology site, the details posted are real user's account details and not simply made up. The details have since been removed from the site.

Users are advised to change their passwords and as a extra precaution change their security question.

Microsoft said in a statement to the BBC News website that they are currently "investigating the situation and will take appropriate steps as rapidly as possible".

Update:
Microsoft have confirmed on their Windows Live Wire blog that the account passwords being leaked are likely due to the result of a phishing attack as they have "determined that this was not a breach of internal Microsoft data". If you believe you have been a victim of phishing, you should change your password and ensure your computer has up to date antivirus protection. Messenger Stuff recommends the recently released Microsoft Security Essentials software for protection which is compatible with Windows XP, Windows Vista & Windows 7.

What to do if you think your account has been stolen
Change your Hotmail password and security question
News Source: Neowin.net - Thousands of hotmail passwords leaked online
View Microsoft's statement: BBC News - Hotmail accounts 'posted online'




The phenomenon of Microsoft enforcing mandatory updates to MSN/ Windows Live Messenger are not uncommon. Although much of these are claimed to be "security" focused, there is the case that Microsoft rightly prefers users to be using the latest protocol their client can communicate with to avoid server issues. Still, for many users using older versions of Messenger, this is a pain as there is a significant amount of people choosing to use an older, outdated build. Below is a breakdown of the current schedule of mandatory upgrades coming within the next couple of months:

  • August 25th: Message displayed to users using versions 8.1 and 8.5 to optionally upgrade
  • Mid-September: Those using versions 8.1 or 8.5 will be locked out of the Messenger service and forced to upgrade
  • Early-October: Users using an outdated version of Windows Live Messenger 2009 will receive the option to upgrade
  • Late-October: Those using older versions of Windows Live Messenger 9 will be locked out of the Messenger service and forced to upgrade


To conclude, this series will stop users normally being able to sign into Windows Live Messenger versions 8.1 and 8.5, while also making those who haven't updated to the second QFE patch to do so by the end of October.

Source: The MessengerSays blog



5 tips for being a secure Messenger user
Posted by mynetx on Tue 18 Aug 2009 (00:51 GMT) (13079 views)
As viruses, backdoors, Trojan horses, even root kits are commonly spread these days, you should pay close attention while using Windows Live Messenger in order to maintain your own and your computer's safety. Here are some tips that help you to stay secure:

  1. Do not click every link you receive.
    Be careful about strange instant messages, even when they are sent by contacts you know. There are bad people stealing the passwords of Windows Live IDs in order to send unsolicited messages, also known as SPIM.

  2. Do not accept every contact that is adding you.
    Watch out when accepting people into your contact list. Do you really know who they are? Before talking too intensely with new buddies, ask yourself: "Would I invite this person into my house in real life?" If you doubt, then why meet virtually.

  3. Think before sending personal information to buddies.
    Would you note down your mobile phone number and publish the piece of paper in your city's public square? No? So you see how vital it is to be careful about which personal information you share with people you do not really know, especially your real name, address, date of birth or any phone numbers. Microsoft or Windows Live will never contact you about your Windows Live ID password, so don't tell anybody your password, regardless of what they claim to be.

  4. Do not blindly accept all files that are sent to you.
    Files are the worst thing when it comes to virus danger. Accept only files where you know the con?tents, and only accept files that are sent to you by people you know you can trust. Always use a virus scanner to avoid random infections of your system. Be sure to keep a cur?rent back-up of all important data on your computer on an external device that is not connected normally.

  5. Use your common sense.
    If something sounds too good to be true, it is too good to be true.




WLM Safe: Stay secure when using Windows Live Messenger
Posted by absorbation on Mon 10 Aug 2009 (21:16 GMT) (2596 views)
If there is anything I've learnt since I started using Windows Live Messenger is that it is nutritious for security threats and problems. These of have course changed over time, from viruses, to a poor blocking system, from bugs that would crash Messenger and more recently the plague of phishing scams. It can all be a headache for the normal user. WLM Safe is a Messenger Plus! Live script with many features to help protect from such threats. Listed below are the application's main functions:

  • Anti-Virus: detects and blocks infected links sent by virus in conversation windows.
  • Anti-Phishing: detects and blocks phishing links sent by virus in conversation windows.
  • Anti-Spam: blocks annoying spam messages sent by your contacts.
  • Anti-Flood: detects flood attacks and block the authors.
  • Anti-Freeze: block messages that make old messenger's versions crash.
  • Anti-Copy: notifies you if one of your Messenger's contacts copy your Nickname.
  • Anti-Bot: notifies you if you're chatting with a Bot.
  • Anti-Hackers: notifies you if you're chatting with an Unsafe contact.


What I particularly like about WLM Safe is the care and attention to detail. This is a well coded and polished script that is impeccably designed and non-obstructive to the user. Moreover it does everything you would expect it to do and can even keep a log of the threats it has helped you to avoid. I cannot recommend using this script more. It is a must have for any Windows Live Messenger user.

Download WLM Safe for Windows Live Messenger requires Messenger Plus! Live
Visit the official website



Microsoft files civil lawsuit to stop SPIM offenders in Messenger
Posted by absorbation on Mon 03 Aug 2009 (14:12 GMT) (5377 views)
You may be familiar with the term SPAM but in recent years SPIM, which is basically SPAM through instant messaging, has become much more common. Back in September we talked about the rise of SPIM bots through Windows Live Messenger and how Windows Live Messenger 9 added features to stop them. Now it appears Microsoft are taking the next step by trying to take down one the biggest companies behind SPIM through MSN/ Windows Live Messenger.

This case arises from Defendants' abuse of Microsoft's Windows Live Messenger service, and the abuse of Microsoft's users, through a phishing and instant messaging spam ("spim") campaign. Defendants are using false and misleading messages to induce Windows Live Messenger users to visit websites designed to deceive them into divulging their Windows Live usernames and passwords. Defendants then use the login credentials to gain unauthorized access to Windows Live Messenger user accounts for the purpose of sending unsolicited commercial spim to other Windows Live Messenger users.



According to Ars Technica Hong Kong-based Funmobile, its US subsidiary Mobilefundster, and several individuals are being sued by Microsoft in Redmond. The burden SPIM bots have on the program's 330 million users needs to be tackled and it's good to see Microsoft is providing a firm response to the problem by rooting out the cause.



Read more: Microsoft's full compliant (PDF)
Source: Ars Technica


Ten top tips to stay secure using IM
Posted by absorbation on Tue 28 Apr 2009 (19:11 GMT) (1072 views)
Phishing, spam, keyloggers and worms can all spread through Messenger. MSN Messenger 7 was probably the height of some of the most destructive worms, that would spread out of all recognition within just a few short weeks. The one that sticks out most for me is the bropia worm, that was designed to reek havoc on user's PCs. Now the biggest threat is from phishing scams after your personal details. MakeUseOf have provided 10 simple tips to improve your IM security.

3. Don't chat with people not on your contact list

Always vet your contact list with people whom you know something about. Talking with Mr. Anonymous at the other end of space may be fraught with risk. It is possible to discover your computer address (i.e. your IP) from an instant message and that usually is the first requirement for a remote hack attack.



Although most tips may appear to be common sense, it is often the ones that are that tend to be overlooked the most. Remember it doesn't take much to stay safe, but it can be a pain to fix.

MakeUseOf: Instant Messenger Hacks: 10 Security Tips to Protect Yourself


Phishing scams spread through Messenger
Posted by absorbation on Tue 14 Apr 2009 (22:16 GMT) (1137 views)
Phishing has become very clever over the past couple of years, and with more quick profit at stake for these scammers, there is no doubt this would soon become a serious concern for IM. Windows Live Messenger is not immune to phishing, but if you follow the advice of Johnathan Kay, you can find yourself with one less hassle:

Even if the site appears to look like a Live ID sign in page, look for the green address bar, lock icon and company name to verify it truly is. Additionally, depending in your Windows version, browser and Live ID site you're signing into, you might need to click the ‘Sign in using enhanced security’ link on the page to see these indicators.

Finally you'll arrive at the password changing page and can change your password. One minor feature that’s been added recently is an option to prompt you to change your password every 72 days. I'm not quite sure how this will work with regards to Messenger yet, but time will tell.



View Kay's outline of Messenger phishing and the steps to follow if you have been affected



Messenger Key: Recover your forgotten IM passwords
Posted by absorbation on Thu 11 Dec 2008 (22:38 GMT) (1804 views)
I know a lot of people who have multiple passwords and as a consequence forget most of them. If this sounds like you, Messenger Key may be a vital tool to recover your password for several leading IM clients. I'm going to keep this post short. The program is simple, clean, easy to use and does just what it says on the tin. It may be very useful to you one day however.



Download Messenger Key


Beware Messenger spoofing emails!
Posted by anileator on Fri 11 Jul 2008 (20:55 GMT) (1427 views)
It's come to my attention that there has been some spoofing emails going the rounds disguised as official emails from Microsoft advertising a new version of Messenger dubbed 9.5

We at Messenger Stuff would like to warn people not to open or follow any links in these emails and instead report them as junk and/or spam as well as delete them.

Currently there is no Messenger 9.5 available in public or private beta testing so for the sake of your computer's health do not open or download anything from these emails It's highly likely to only lead you to a virus, worm, spyware, malware or other nasty that really you don't want on your computer.

Take care. We'll have news covering the Messenger Plus! Live skinning contest and our favourite entries coming soon.