ALERT-Sri Lanka CERT|CC - වින්ඩෝස් තුලින් මුහුණු පොතේ පණිවිඩ වලට ප්‍රවේශ වීමට ලබා දී ඇති මෘදුකාංගයේ දුර්වලතාවක් හදුනා ගනී

Vulnerability in Facebook Messenger for Windows

Threat Level

MEDIUM

Software Affected

Facebook Messenger Desktop Application version 460.16

Overview

This vulnerability allows an attacker to execute malicious files already present on a compromised system.

Description

According to the researchers, this vulnerability application triggers a call to load Windows Powershell from the location of “C:\python27”. This path automatically creates when installing python version 2.7 which does not commonly exist in most windows installations.

An attacker could hijack such calls to load potentially non-existence resources to covertly execute malware to gain persistence and extended access to the system.

Impact

Possibility of exposing confidential information to unauthorized parties
The system could be infected with malware

Solution/ Workarounds

Upgrade to the latest Facebook Messenger Desktop version 480.5

https://www.microsoft.com/en-us/p/messenger/9wzdncrf0083?activetab=pivot:overviewtab

Reference

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Source: Sri Lanka CERT|CC

Read 2194 times

Last modified on සෙනසුරාදා, 27 ජූනි 2020 07:27

Rate this item

(1 Vote)

K Dinesh Kumara

Founder of PC World Online Magazine

I'm an educator, entrepreneur, and career guidance officer. I'm interested in ICT, psychology, financial literacy, meditation, and yogic sciences. My hobbies are discovering, learning, experiencing, sharing, and exiling.

Website: https://www.pcworld.lk

Latest from K Dinesh Kumara

Attention readers: Starting from 15-05-2023, we will be reviewing all comments submitted through our website's comment section before publishing them. This change is due to the increased volume of spam comments we have been receiving. We appreciate your understanding and apologize for any delays this may cause. Thank you for your continued support and valuable contributions to our platform.

Dear valued users,

We welcome you to the PC World Magazine Website and appreciate your interest in commenting on our articles. This platform is intended for thoughtful discussions and exchanging ideas and information related to the topic of the article. However, please be mindful that we do not tolerate any illegal activities or marketing purposes. Misusing the comment section for such purposes will result in the immediate removal of the comment and could result in the termination of your account. We ask that you keep your comments respectful, on-topic, and relevant to the article. Additionally, please do not post personal information, hate speech, or offensive content. Thank you for your cooperation in creating a positive and productive environment for all users on the PC World Magazine Website.

Best regards,
PC World Magazine Team

98 comments

Nemgchila - සදුදා, මැයි 15 2023

fluoxetine and advil fluoxetine dose fluoxetine 60 mg tablet
Nzxxzionix - ඉරිදා, මැයි 14 2023

fluoxetine versus sertraline https://prozacfluoxetinesyu.com/ prozac changed my life
Edglfoedo - සිකුරාදා, මැයි 12 2023

venlafaxine or duloxetine https://cymbaltaduloxetinestb.com/ coming off cymbalta
Neggchila - සිකුරාදා, මැයි 12 2023

zoloft and heartburn zoloft and autism cbd oil and zoloft
Nzxzionix - බ්‍රහස්පතින්දා, මැයි 11 2023

drug information norvasc norvasc drug insert norvasc withdrawal symptoms
Encouro - බදාදා, මැයි 10 2023

I am about to try Femara letrozole next week on days 3- 7 real cialis online
EnrcWrads - බදාදා, මැයි 10 2023

omeprazole 20 mg dosage can i take omeprazole with food omeprazole dogs
Osgthome - අඟහරුවාදා, මැයි 09 2023

lexapro and flexeril https://lexaproescitalopramogv.com/ escitalopram side effects long term
HenhIroke - අඟහරුවාදා, මැයි 09 2023

seroquel 25 dosage of seroquel quetiapine rcvs
Nengchila - අඟහරුවාදා, මැයි 09 2023

missed a dose of zoloft zoloft use going off sertraline
Ejolfoedo - සදුදා, මැයි 08 2023

accidentally took double dose of duloxetine https://cymbaltaduloxetinesec.com/ good rx cymbalta
Nzedionix - සදුදා, මැයි 08 2023

side effects of norvasc blood pressure medication https://norvascamlodipineshe.com/ amlodipine generic name
EnsfWrads - සෙනසුරාදා, මැයි 06 2023

stopping omeprazole suddenly https://prilosecomeprazoleuxe.com/ prilosec stopped working
lipitorbrl - සෙනසුරාදා, මැයි 06 2023

where to buy lipitor - Lipitor can also interact with certain foods, including red yeast rice and high-fat meals.
Oltgthome - සෙනසුරාදා, මැයි 06 2023

escitalopram and citalopram what's the difference https://lexaproescitalopramtns.com/ is lexapro safe during pregnancy
HezaIroke - සෙනසුරාදා, මැයි 06 2023

drinking on quetiapine https://seroquelquetiapinedik.com/ quetiapine 25mg tablets
Ecrtfoedo - සිකුරාදා, මැයි 05 2023

duloxetine 60mg cymbalta sexual side effects duloxetine hcl price
Ntcschila - සිකුරාදා, මැයි 05 2023

can i drink alcohol while taking sertraline zoloft 50 zoloft generic names
Ntvsionix - සිකුරාදා, මැයි 05 2023

is norvasc recalled https://norvascamlodipinetce.com/ norvasc price
EubkWrads - අඟහරුවාදා, අප්‍රේල් 18 2023

cialis vs sildenafil https://hoscillia.com/ cialis black reviews
pg-slot.game - ඉරිදා, අප්‍රේල් 09 2023

เว็บ สล็อต pg แตก ง่าย เกมสล็อตออนไลน์เป็นเกมการเดิมพันที่ทำเงินได้ไวที่สุด pg slot ยุคที่คนจำเป็นต้องอยู่แต่ในบ้าน และก็หันมาหาเงินผ่านหนทางออนไลน์ เกมนี้จึงเป็นทางเลือก
pg-slot.game - ඉරිදා, අප්‍රේල් 09 2023

เว็บ สล็อต pg แตก ง่าย เกมสล็อตออนไลน์เป็นเกมการเดิมพันที่ทำเงินได้ไวที่สุด pg slot ยุคที่คนจำเป็นต้องอยู่แต่ในบ้าน และก็หันมาหาเงินผ่านหนทางออนไลน์ เกมนี้จึงเป็นทางเลือก
Qeneionix - සෙනසුරාදා, අප්‍රේල් 08 2023

can you take losartan and sildenafil together can i take 20mg sildenafil twice a day max dosage sildenafil
Jnnwthome - සෙනසුරාදා, අප්‍රේල් 08 2023

which is best sildenafil or tadalafil or vardenafil tadalafil vasodilator vardenafil and tadalafil together
AnwnIroke - සෙනසුරාදා, අප්‍රේල් 08 2023

tadalafil without prescription viagra vs tadalafil tadalafil india

ආරම්භ කරන්න
පෙර

ඊළඟ
අවසානය

The Technology Video of The Day

එන්න අදම අපේ YouTube වැනල් එකට

පරිගණක විද්‍යාව ගැන, හැකින් ගැන, මනෝවිද්‍යාත්මක කරුණු වගේම මුල්‍ය ශාක්ෂරතාවය පිළිබඳ වීඩියෝ පාඩම් සිංහලෙන්ම ඉගෙන ගන්න ඔබත් අදම මේ දැන්ම මගේ YouTube නාලිකාවත් සමඟ එකතු වෙන්න. එන්න පහත ලින්ක් එකට ගිහින් Subscribe කරන්න.