IE flaw exploited for MSN Messenger worm

A new worm that uses Microsoft's instant messenger application MSN Messenger to propagate has been spotted by several antivirus software vendors.

The worm arrives in an instant message that contains text telling the recipient to go to one of several Web sites. The text says either "URGENT -- go to (url) now," or "ATTeNT!oN -- go to (url) now." Clicking on the URL (Uniform Resource Locator) link in the message opens a Web page with malicious JavaScript code that sends instant messages advertising the Web page, or other Web pages with the code, to all the MSN Messenger users on the user's contacts list, Symantec and F-Secure said in advisories Thursday.

Dubbed "JS.Menger.Worm" by Symantec and "Coolnow" by F-Secure, the worm sends instant messages, but does no damage to a user's system, the antivirus software vendors said. F-Secure is trying to shut down the sites hosting the malicious code before it becomes very widespread, the company said.

The JavaScript code takes control of MSN Messenger by exploiting a known flaw in Microsoft's Internet Explorer (IE) Web browser. An example of how to stage such an attack was published last weekend by two European experts. That example was used to craft the worm, according to the experts.

"The worm is a modified version of our example code. We never intended for anybody to copy the code, although we kind of expected it would happen," said Thor Larholm, one of the two Europeans who demonstrated how specially crafted code on a Web page could take over MSN Messenger. "We published the example to put pressure on Microsoft to patch vulnerabilities that they are fully aware of."

Microsoft on Monday released a bundle of patches for IE that fixes the flaw used by the MSN Messenger worm, Larholm and the antivirus software vendors said.

Still, a PC with IE is all but secure, according to Larholm.

"The patch doesn't fix all the problems in IE. It fixes a lot, Microsoft deserves kudos for that, but there are still publicly known vulnerabilities, some two months old, that allow an attacker to read any local file and execute arbitrary commands on a user's system," Larholm said. The Danish Internet programmer maintains a list of unplugged holes on his Web site (

Both Symantec and F-Secure have updated their antivirus products so they can detect the worm. No one at Microsoft was immediately available to comment.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Brand Post

Shining a light on creativity

MSI has long pushed the boundaries of invention with its ever-evolving range of laptops but it has now pulled off a world first with the new MSI Creative 17.

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Jack Jeffries


As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr


The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?