Very Dangerous Bug - Printable Version
-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Messenger Plus! for Live Messenger (/forumdisplay.php?fid=4)
+---- Forum: WLM Plus! Bug Reports (/forumdisplay.php?fid=7)
+----- Thread: Very Dangerous Bug (/showthread.php?tid=86682)
Very Dangerous Bug by amy_pure_blonde on 10-16-2008 at 03:09 AM
This ia a very dangerous bug & id like you to find out how to prevent such things, i lost several email addresses cause of it. In this url is a zip file i uploaded it to my yahoo, this is how it works. Someone ads a file to their pc, it is a script that runs off of messenger plus, The second file if what someone uses to send commands to get passwords saved in messenger, hide clock & taskbar along with other commands can you please find a way to stop such things please, me & several friends lost our emails over this program.
Who do i send the url to so someone can look at it i didnt want to post url here publicly cause it is so dangerous.
RE: Very Dangerous Bug by Vilkku on 10-16-2008 at 06:07 AM
I don't see how this is a bug, you are responsible for any scripts you import and Plus! has no real power over what scrips you do import.
RE: Very Dangerous Bug by amy_pure_blonde on 10-16-2008 at 07:06 AM
its a bug if they can use messenger plus & minipulte it to echo someones SAVED passwords as far as the person installing it yes it is their fault they was tricked.
RE: Very Dangerous Bug by Th3rmal on 10-16-2008 at 07:34 AM
When importing a script, you are asked permission if the script is allowed to install on your computer, and it is specified in Plus! that "Scripts have the same power as executable programs, import at own risk"
RE: Very Dangerous Bug by Menthix on 10-16-2008 at 09:19 AM
quote:No, any program with local access to your PC can display (or send) your stored passwords, this is the risk of saving your passwords.
Originally posted by amy_pure_blonde
ts a bug if they can use messenger plus & minipulte it to echo someones SAVED passwords
Messenger Plus! scripts are just as powerful as normal programs, they could be used for nasty things and viruses too, which means you should treat them the same as normal programs. Only install scripts you got from a trusted source, for example from the official site only. All scripts there are tested before they're added to the site.
RE: Very Dangerous Bug by Spunky on 10-16-2008 at 01:16 PM
I've got a feeling the contact either doesn't like you very much, or doesn't know they sent the file? If it's the latter, it's the same as most other WLM virii
RE: Very Dangerous Bug by kabso 5 on 10-16-2008 at 04:01 PM
this is about trust
its not a bug
there is a remote assistiance in the plus
you can give it to the one you trust if you give it for the wrong guy i will lose many data and e-mail
another e.g
maybe a hacker send you a file if you open it you will be hacked
and this hacker is your friend and you accept the file that contains a hige lvl threat
you will blame Microsoft becouse there is such bug is caled virus !
why did you accept the file " because you trust him "
dont accept anything from anyone only from the one you trust 
RE: Very Dangerous Bug by NiteMare on 10-16-2008 at 04:06 PM
quote:plus doesn't have remote assistance?
Originally posted by kabso 5
there is a remote assistiance in the plus
RE: Very Dangerous Bug by kabso 5 on 10-16-2008 at 04:16 PM
not that plus the WLM dose
go to Action in the convo and you will see
RE: Very Dangerous Bug by Felu on 10-16-2008 at 04:16 PM
quote:There was a script which let you control your computer remotely.
Originally posted by NiteMare
quote:plus doesn't have remote assistance?
Originally posted by kabso 5
there is a remote assistiance in the plus
RE: Very Dangerous Bug by Quantum on 10-16-2008 at 04:57 PM
quote:
Originally posted by kabso 5
not that plus the WLM dose
go to Action in the convo and you will see
Yes, Windows Live Messenger has remote assistance. You should only be getting assistance from people you know and trust anyway
RE: Very Dangerous Bug by joey on 10-16-2008 at 07:02 PM
people with a mental age over 4 tend to know if they actually trust someone or not. i can understand if someone new adds you, you talk, the seem nice enough and then they "hack" you because you accepted a file, but to be fair you shouldnt give everyone you know the benefit of the doubt. its your fault if you click yes if they offer, not anyone elses. anyway, doesnt wlm block you from accepting things with certain extensions?
RE: Very Dangerous Bug by haydos on 10-16-2008 at 07:19 PM
quote:The OP said that it was a msgplus! script. Even if they weren't correct, you can accept any file - some files will be blocked if you try to open them from inside the conversation, but will open if you go to 'my received files'.
Originally posted by joey
doesnt wlm block you from accepting things with certain extensions?
RE: Very Dangerous Bug by joey on 10-16-2008 at 07:23 PM
hm, i thought it automatically stopped anyone from accepting exe's and other things, and there was a script/addon that could override it.
RE: Very Dangerous Bug by Voldemort on 10-16-2008 at 08:20 PM
First of all, when you import and BEFORE you accept a script, you get a warning about opening only scripts that you can trust. READ IT.
RE: Very Dangerous Bug by vaccination on 10-16-2008 at 08:56 PM
quote:No it just flashes a security warning asking if you're sure you want to accept transfer.
Originally posted by joey
hm, i thought it automatically stopped anyone from accepting exe's and other things, and there was a script/addon that could override it.