Possible GDI Exploit Vector
Does anyone know if MSN Messenger 6 uses GDI+ to render jpeg images that appear
as the profile images you see in MSN 6 Chat windows? If so, this could provide
an extremely fast way to propagate a worm using the GDI+ flaw. All you would
need to do to start it off is set the crafted image as your profile picture,
start conversations with people you know have MSN6 installed, and, if by
default they display the other users' profile picture, their machine would
process the image and carry out any nasty deeds the image has within it (if the
machine's not patched).
For the worm to propagate, it would need to craft its code into the current
user's profile picture, and every time the infected user started a conversation
with someone, it would spread as soon as the other user viewed the profile
picture within the chat window.
The speed of spread would be enormous, granted that most people don't have up to
date virus scanners/definitions and have not patched their machines. Plus it
would be nearly impossible to determine where the virus came from, where it
started off.
All this, of course, is only possible if MSN Messenger 6 does indeed use GDI+.
Does it?