Select a language to translate this page!
Powered by Microsoft® Translator
A particularly malicious worm (a self-replicating computer virus) is currently trying to spread itself through many of the world's largest instant messaging and social networks, including Windows Live Messenger 2009. We’re very serious about protecting our customers, and are pursuing multiple avenues to help stop its progress. The worm spreads by inserting a link into an IM conversation with a person whose computer is already infected. When someone clicks the link, it opens in a browser, downloads the worm on the recipient’s computer, and then repeats this process.
Normally, when Messenger sees a web address in a conversation it is turned into a hyperlink which, when clicked, automatically opens in a web browser. This feature makes it very easy for the malicious worm to be unknowingly installed on your computer by clicking on the link and being sent to a web site containing the malicious software. We’re pursuing a number of activities to help protect you, working actively with industry experts and law enforcement to help stop this criminal activity.
Most notably, we’ve temporarily turned off active hyperlinks for web addresses sent in IM conversations using Windows Live Messenger 2009. You will still be able to copy a web address and paste it into a browser window if you know it to be safe, but by removing active hyperlinks from Messenger 2009, we’re taking a significant step towards stopping the unintentional spreading of this worm.
Because we’ve now blocked active links in Messenger 2009, starting today, some customers may also see a notification in the main Messenger window warning them that some features might not be available.
Messenger 2011 is not impacted in the same way, thanks to its Link Safety feature. However, we are actively monitoring the situation and investigating different approaches to help protect customers using the latest version of Messenger, should the situation change.
As always, we encourage customers to exercise caution with links to web pages that you receive in IMs, especially if the links are to a web page that you are not familiar with, unsure of the destination of, or suspicious of. Malicious software may be installed in your computer simply by visiting a web page with harmful conteaqnt.
If you think your computer may have already been infected by a malicious worm, check the , please visit the Security TechCenter on Microsoft TechNet, and then download and use the malicious software removal tool. For additional help with Messenger, check out the Messenger Solution Center.
John Scarrow General Manager - Safety Services
Very well done WL Team. Some may complain, but it's not hard to copy and paste a link into the browser if needed.
When will an official Live Messenger for 7 phone come out? I just got my Samsung Focus today and I love it!
Everyone stop using really old Windows XP and switch to Windows 7! Then you can use the safest and latest version of Messenger - Windows Live Messenger 2011!
Or you can watch what links you click and be just as safe. lol
PS: I use Windows 7 and still use 2009 because it's far better (I forgot this in my last post)
I get the reasoning behind this move and i appreciate it as an MSN user. But let me explain why i dislike what you just did. I use the 2009 version due to being more user friendly and easier to use. I use MSN to chat as anybody else does but it also works well for me when i'm tryin to promote my work (musician). I literally spam my friends with youtube links of my work and i gain something from that. But with that option turned off right now, you're actually pushing me to download the 2011 version which isn't handy for me and i know a handful of people who share the same thoughts! What's more is that you expect us to be ok with a silent update which we didn't even had the right to chose if we want it or not.
So let me ask you this, if you read what i just wrote, why should i still be interested to staying a loyal MSN user when everything i use it for, has just been turned off?
@merQree: You only use it to send links? It's not completely removing the addresses from your messages, it's just not making them clickable. Your conversation partner can still copy and paste it into their browser. The team is just looking out for us, and I'm behind them 100% on this decision. If you want to send clickable links, you can always email a few links to your contact...
Although somehow, I sense an oncoming required update to 2011 for us Vista/7 users (and maybe a 2009 update for XP users, much like they had done with 7.1 for 9x/ME/2k users). If this becomes true, can us win7 users keep with 2009 (Even if it requires updating to overcome this problem)?
@Hemingray not only for that. But it's a basic way to get popularity over the net. And no, it's not the same thing if people copy/paste the link. Cause i know they won't. I already tried that and it didn't work. It would be awesome if they just leave the basic links unharmed like YouTube or Facebook and just don't allow the rest links, or something similar. By doing that, they are somehow forcing us to download the new MSN cause it's not deactivated as the 2009 version is. A similar thing happened for XP users when Vista didn't gain popularity. They found a way to push a client on Vista cause he just had to!
I don't want to get the 2011 client cause i dislike it. And believe me, i'm not the only one on this. Just google around a bit and see if i'm wrong.
Another thing that pisses me off with this decision is that they forced a silent update on which i never agreed with. There should at least be some sort of questioning over this. What if i WANT to stay in the 2009 version and WANT to send out links that people WANT to click onto? What about that possibility?
@MerQee: A silent update? You were updated to 2011? It's been getting pushed out as a recommended update through Microsoft Update. I'm set to install updates as I choose, and I have opted out of Microsoft Update (Only getting Windows updates)
@Hemingray, yes a silent update. Cause no i did not allow the 2011 update to be installed. So this means my client who did not get any updates installed, was somehow forced to do that. I did not allow and would not allow my self to download such an update. I am using 2009 and won't get into 2011, and personally, i don't care what they recommend or not. Since they released the 2009 version it should also be recommended same as 2011 right? It's their product as well.
Pretty pathetic ploy to get us to download the new version which is horrible, I 100% agree with merQree. An i'm a Windows 7 user using the 2009 version of Live so it's not "Xp" users that are only using it which shouldn't matter.. make a program that pretains to everyone instead of forcing people like you've done with past versions.. if I could revert to even previous versions I would because they were better then 2009/2011.. stop forcing.
I agree with merQree, I won't download the 2011 version because there is too much advertising and I can't see my contacts well.
I'm also not that stupid too click on malicious links, even if I accidentally do that they can be easily be deactivated in the startup settings and later removed.
Anyway, I want to download the 2009 version where I can click on links to make it easier, since I'm not planning to copy&paste a youtube link because in a conversation I get at least 3 of them. Like a funny image they've seen earlier, song on youtube they recommend or a even a (v-)b- log.
Now I have to copy paste it, I won't visit every link i receive. (Also because some people send multiple links p/post.) Before i was able to open as many links as I wanted, now if a person sends me 20 links I wont even check one of them.
So stay on 2009. That's my plan.
@Hemingray that was our plan too! But now we're kinda forced to upgrade cause we can't send links to each other.
I think you dont understand, i got some update and now I can't, I still have Messenger 8 i think. And i can't click on links anymore, so at least make an option to turn the links on and off. Ofcourse it should be recommended to turn the links off and there should be a warning message when you turn them on.
I really don't want to download messenger 7...
You can still share links., they just have to be copied/pasted now. Not a real trivial task.
@Hemingray, dude it;s not as simple as you make it sound. For people like me who need to send links and people who receive them are bored to c/p...it's a disaster! Like SpaceMan said, there should be an option about this, not force us to accept that! It's fascist to say the least
I dunno what else to tell yall. I have no problems copying and pasting links from my contacts.
Alright, let me bring it this way then. My mother&grandmother can't use copy and paste. This forces them to retype a link.
Another example would be:
I get 50 links of from my girlfriend with photos she took on our holidays that she upload on image hosting website.
This would be impossible to save. I'll get confused what link I did and did not open. Half of the time I'll be copying the same link over and over.
So just make a freakin option that I can turn the links on.
Hemingray, I understand you don't have much internet contacts. I do and all we do is send each other newest funny videos/pictures trough. >>>[b]LINKS[/b]<<< Understand? So I'm chatting with 6 of my internet buddies sending each other funny/interesting stuff. And what now would happen in 1 second happens like 20 slower which makes chatting and having fun really uncomfortable.
So don't act like a wise guy, this is important and already alot people are confused. There was no warning that this would come, first I thought my pc was tripping. Then after some googling I found this blog.
So please John! Give me an option to turn them on.
At least we're not being locked out of 2009 due to this
Good work! But its more then abit annoying, when trying to show a friend something. :) I however hope that this will be removed soon, as I don't want to be forced to install version 2011.. done that once and uninstalled it. I hated that you could not set a custom name, and was forced to use your real one.
I agree with spaceman. they should at least give us an option to turn it off and on whenever we want. as for what Hemingray said that we are not locked out of 2009, don't think for a moment that they didn't think of that. they have a new product..they would do anything to sell. especially when nobody wants it like 2011 version. isn't that what they did for XP vs Vista?
We won't be forced to install 2011 unless you create a new version which doesn't suck. And the next time you want to do an update, don't do it in silent mode. We are using your products...you are not using us for your products!
@Hemingray "At least we're not being locked out of 2009 due to this"
Why would they do that? I can still use messenger 1,2,3,4,5,6,7 if i download them. So this version wouldn't be deleted. The only way they can lock us out is that after downloading messenger 8 there will be a silent update that will disable the messenger which would be retarded.
I bought this computer, I can protect it. I understand they want to help, but I don't need or want it and that should be respected and allowed. I think everyone who's using messenger 8 is bothered by this issue and this can't go on like this. If this issue wont change and if the next msn version wont fit my expectetions I will be forced to start using another application like aMSN/Pidgin or maybe me and all my friends will step over to skype because of this.
Why should this be bad for msn? Well once on group steps over their friends will follow and this will be facebook over myspace all over again.
I see i have Messenger 9, so make messenger 8 -> messenger 9. Y'all get the point.
I agree with ECelestin. The biggest turn off for me with WLE 2011 is not being able to have a custom name. But also the interface is just awful. It took my mother and sister HOURS to find their contacts because of the switch pane that has all these feeds on it. Quite frankly, I don't want that garbage on my messenger window. If I wanted to know what Paris Hilton was doing, I'd look it up. I also hated the new way of signing in, with the separate window or whatever it was. I uninstalled 2011 and reinstalled 2009, and I really don't understand why it was changed so drastically when just about everyone was happy with the way it was.
I really hope the links are turned back on ASAP, as I will not be forced to upgrade the newer version. I would rather use worse messengers such as AIM or Yahoo than use WLE 2011.
Alternative clients still allow links to be clicked.
"A particularly malicious worm... "
Yeah... which one in particular? Because there has been lots of those kind of attacks in the past, but just now MS decides to do something. Also, yeah, I know some people are too stupid to click random links, but to enforce this, implying that messenger 2011 smart screen is a good solution is just wrong. If at least that thing allowed to make exclusion, safe sites, so they don't go through MS servers, making different sites think we are hotlinking, it would be less of a PIA.
Or is it that you are now data mining our visited websites? Really, it is just plain wrong to make enforce this.
Just use pidgin instead of windows live...
Yeah well, WLM 2009 & WLM 2011 suck, I'm using version 8.5 and occasionally MSN Messenger 7.5 which I also have installed on my pc.
Completely agree with Spaceman. I hate the layout of WLM 2011. I hate the not able to change your display name option. I hate the webcam options.
Want me to upgrade to WLM 2011, put those options back like they were in WLM 9.
Also, I want to be able to click my links again, just give us the option. I am not one of those dumb kids that click everything they see..
Switching off Links makes sense, however I would NEVER "upgrade" to WLM 2011 as I feel it's a backwards step for Windows. 2009 is MUCH better!
I believe you should not stop the hyper links. I am grateful for the steps you are taking in protecting my computer, but this is an inconvenience. Messenger has been plagued by these "malicious worms" since I can remember, BUT most are obvious. If someone is stupid enough just to randomly click links friends send without asking, then it is there fault. Most of these links are sent while the infected friend is offline, if they are sent while the friend is online they are usually very obvious worms.
Personally I believe the team should be creating a security update that allows you to use the version of messenger you would like. Honestly I despise all these updates you have been forcing us to do to messenger and to our e-mail accounts. I tried the new windows 11 and did not like it, I feel like I have no personality on that messenger, it takes away features that I enjoy and adds ones I despise. But back to my point, this security update should be mandatory, not interfere with our messenger version or our current virus protection. To me the end of your message giving you the security tool there is your best option.
Again, I thank the team for looking out for my computer and that of others, but I find it ridiculous that no e-mail was sent out to tell us about this, that you try to make us update through hidden means AND that we are getting no choices in whether we want to update or not with most of them. When something isn't broken, you should not fix it.
I am not happy about this at all. When I already have to suffer a bloated program, which lags and sometimes decides to take 50% of the CPU, I don't need more reasons to uninstall all of Windows Live off my PC. I am aware there's WLM2011, but I refuse to use that awful program. It stripped features I enjoyed about MSN when build 2009 came along, and added things I would never use. honestly, if you can easily turn off links in 2009, what's to stop you adding an extra web step and offer a security rating about a link? And why now? This issue with worms abusing links in WLM has been around for at LEAST a year, maybe even two years. This seems suspicious to me, almost as if you've only took action now to "encourage" people to upgrade to a version that is 'safer' and has the ability to handle URL's now.
If you were really trying to sort this issue out, you would have done so when the issue became a major problem and prevent it. Honestly, if 3rd party programs could support WLGroups. I'd have unistalled Windows Live, all of it, a while ago.
At least, you could place some kind of alert, just like Digsby does, when they make some major change. WLM 2011 is not going to make me downgrade to windows 7, nor IE9.
I guess I'll completely switch to Digsby, luckily enough, you just do the hyperlink block on the client, and Digsby can still open the links.
Woaw... I may have missed something but why so much negativity around WLM2011 ?
I've been using messenger since the very first version and the 2011 might be the best ever update to me. Now every time I come up to a WinXP running Messenger 2009 I simply can't stand it ... Certainly Microsoft has pulled out a nice trick with this one, because the new Live is converting more people than ever around me into Win7... What their all new and fancy OS didn't do their free apps suit is finally doing it ...
Have you guys really tried it for a few days?
What is so great about the old version that the new one doesn't better?
I'm just curious...
I think you should all calm down and accept that this was done for your own good. Even if this really was a silent update, I don't think many of you would have installed the update anytime soon if it were just sitting there waiting patiently for you to perform the update.
merQree, even if you can click on links and send them, your "clients" won't necessarily be able to do so if they're still on 2009.
And for those of you who like to stick with the ageing and old versions of software just because you don't like change, there's nothing stopping you from staying on 2009; you're not being "forced" to switch. (There is an option in 2011, by the way, where you can switch to compact view, which basically gives you the view you're familiar with in previous versions.) The safety links feature for 2011 wasn't made available for 2009, because, I'm guessing it's one of the signature features of 2011...?
Stop whining! And if you're threatening to switch to a different client, switch already! We don't want any of your services here.
Luckily I have 2011, and I love it! But I'm still waiting for a connection with Twitter...
florin I hope microsoft paid you well, besides the mass amounts of ad's on the 2011 version such as the PM windows as well as the instant messenger itself it's the bloated garbage we don't want and if there is some that do want.. then give us the option to remove it, in example facebook etc or not put it on display, just like how real names were on display which was something I saw when I tried it. Saying ageing old software like it's inferior when infact they are not updating for the sake of the users they are updating for the sake of making more money off ad's or partnered companys which all the more power to them I guess but having silent updates like this are pathetic, it almost makes me question the security instead of praise it.
I have switched clients and will continue to until Windows Live fixes this problem. If you do infact work for Microsoft or Windows Live I doubt they would like anyone representing them saying "We don't want your services here" when there has been plenty of complaints about this problem and I believe they do want as many people using it so they can view the things they are advertising whether it be a past version or not and if you don't work for them and are currently using the 2011 version then you don't belong in this discussion.
All i've heard people truly angry with is the fact they can't use links which is not hard to give us the option to turn links on or off even tho there is an option already .. which is useless now that they did this.. and then us not being notified about a useful update or not so useful in this case to some.
Why not just remove the past version completely like they've done before if they are going to do things like this?
I totally agree with @merQree & Spaceman.
I dont want to upgrade to 2011 becouse of the for example Video chatting is to b*d, you blocked a great feature that makes you get less live messenger -users and that is bad.
In 2011 version you can only do Video-calls, that means no single webcam-feature (with good quality).
MAKE A OPTION TO SHOW LINKS OR NOT IN 2009 VERSION.
I am so close to change to something else than msn right now.
You are doing a sh*ty job right now i am just honest as a long-time msn/live messenger user!
@florinr08 Who said we are afraid of change? So we used MSN all these years and kept updating so NOW we're afraid of change? No. On the contrary, i liked the previous versions of MSN. But 2011 suck and sooner or later people (like you) should stop sucking up and tell this team the truth.
And my CLIENTS also use 2009 cause they also believe that 2011 sucks. And they complain about that "security" measure that they decided to force upon us. I told everyone i know to come protest in this link and guess what happened. Nobody did cause they can't click it. Just like i said, they are bored to copy/paste and say their opinions.
As for changing an IM, don't worry. We got that covered already. We searched for IM's and if this continues to go on, we already decided on what we will do, cause apparently there are other companies out there who really respect us as human beings and ask us for updates.
You may like what the new version looks like but we don't. And yes, this is somehow forcing us to change something we don't want to change just because they realized it won't sell.
why cant i see my posts?
You know what really makes me upset? Windows team really thinks i'm a poor idiot. Give me options, give me the option to enable or disable links, inform me, not just shut down a feature without telling it to me. It was silent and at this time i think "how many silent updates do you make during the year?". I know you want us to 2011WLM to spam us with ads, so please be honest. For my safety? Come on!
This is absolute BS! It's been days now! Please re-enable the links. I have AVG as a security program and if I clicked a malicious link it wouldn't even open. I will get an error page saying the link lead to a page that was a security risk. And if I do get infected? Well, I can just remove it can't I?
danielgr said "Certainly Microsoft has pulled out a nice trick with this one, because the new Live is converting more people than ever around me into Win7... "
Even if I /could/ afford the $400 to buy Windows 7, which I can't, I still wouldn't update to WLM 2011. It's a piece of garbage and I hate every feature about it. Not to mention, it seems completely filled with bugs. The Windows Live forums are inundated with people having problems with 2011 and no way of fixing it.
Please just re-enable links for 2009.
I use Windows 7, and I still use 2009. I refuse to even touch 2011, it's overloaded with useless crap.
@florinr08 Well for one I like having a display name instead of being forced to use a first and last name. Everything, and yes, I genuinely mean this, that has been added to WLM in the 2011, I won't even use. I refuse to use a bloated program with ad's everywhere. And I even stated why I still use 2009, and it's purely because no other IM Client (Such as Trillian or Pidgin) hasn't got comparability with WLGroups.
It's not that I "fear" change. It's that I don't like the changes. If I didn't like change I'd have never have started using Windows 7.
A malicious worm spreading links? I've been getting those for years, but hyperlinking was never disabled.. Now that the new messenger is out we get this stuff? If u were serious about protecting ur customers u would have done something about it 2 years ago when i started getting those links.
I am on windows 7, because i believe it's a good product, i made that change so i am definitely not afraid of change.. And even after hearing all the stuff about wlm 2011 i still gave it a shot.. Guess what, the smartscreen thing is way too annoying and i had issues with not getting IM's from people besides the horrible interface and some very vague options that made my contacts who converted to wlm 11 confused.. I thought not being able to receive im's from some people sometimes was something not really related to wlm 11 so i kept it..I had to use my old pc with win xp for a week after some time and guess what, i had no single issue.. As soon as i got back to my normal pc i unistalled wlm 11 and put the old one back on and everything was fixed.. I really didn't have to give any explanation why i want to keep wlm 9(personal preference) but i did for those of u who ask why not just put the new msn on ( mainly @danielgr)..
I have been an avid wlm user since 2004 but after these issues i am definitely considering switching clients and making pidgin/skype my default im client because i feel microsoft is trying to make us move to the new wlm in very sneaky ways.. If i don't get an option to at least, switch hyperlinking on, in one week i am moving to pidgin/skype for good and telling my contacts who are annoyed by all this to switch too.. I really hope more people will follow because i guess comments aren't really listened to
I have been doing some investigation and I cannot find a reference to this "new and malicious worm" on ANY of the dedicated Antivirus provider sites.
MS, are you BS'ing us?
Because if this IS a thinly veiled attempt to get us to upgrade, just tell us you're yanking support of 2009 instead of lying to us.
I confirm with Tempest8008 . The only reference for this so called "virus" leads me here. I send a message to the staff here to give us at least a reply so we will know what to do. Personally i have more than 1200 people in my address book and only 2 of them are ok with how things are. I told the rest to move into Skype in case they don't fix this issue. They show full support. I strongly advice any of you to do the same thing.
This team is trying to mock us in front of our eyes. Don't be a tool.
Thanks for the comments on the post. I’m hearing 3 general concerns here that I’d like to address.
1) It’s true that similar attacks have been out there for some time, and we’ve been monitoring them, which is why we introduced the new Link Safety Feature in Windows Live Messenger 2011. However the difference with this particular variant of SLENfBot.AKD, (which is actually hitting several industry IM clients, and not just Windows Live Messenger), is that it is off the charts in terms of scale. We have work going on now to illuminate this particular threat so we can restore hotlinks, but the volume of attacks was too significant to let continue without any remediation. The number of customers that have been impacted on a daily basis is very significant, and every impacted customer leads to many more customers being hit with spam, and chances are, some percentage of those receiving the spam will click the link and expand the attack further.
2) Folks that spend time on this blog are clearly “better than average drivers” and in some cases feel that removing the hot links is more undesirable that the perceived protection of disabling them. Again, we hope this is a short term issue for older versions of Messenger. We’ve heard your feedback loud and clear on the ability to turn off warnings, and are investigating ways to make this possible in the future.
3) Because we work hard to make our software more and more secure with every release, from a security standpoint we always hope that users will follow us as we release new versions of our software. However, I want to make it very clear that this security response is absolutely not an attempt to nudge folks to upgrade. We understand and respect that with any change to such an ubiquitous IM client as Messenger there will always be changes that some folks don’t like and/or may not be able to take advantage of due to OS versions, etc. We’ll continue to innovate both in features and security and look forward to broader adoption over time, as you see fit.
Years and freaking years I used messenger 6 to 9 msn and they all had the same lay out. EVEN the versions before these ones. So why change it so bad?
Now msn got 70% filled with this social area. I dont need that, i just want to chat!You see just a very small box with 200 of my contacts. Befoure I could see all all people who are online and now i see just 10-20 people and then i already have to scroll. People jump on and off, I can't find people I want to chat with! I tried everything to click the social are thing away, to make the box with my contacts bigger and nothing worked.
MSN is about contacts and not facebook. If i want to see what my friends are doing I'll go to their web-page/profile to check it.
I like msn 9 because of the nice design that fits perfectly to my windows 7 and the interface is the same like all of the previous msn's had.
If nothing will happen in the coming 2 week, I'll just download aMSN and add the msn 9 theme or something
I don't care about new features if its faster, more stable or more handy. Msn 9 got a great design and layout and that's all what I care about.
If WLM11 will allow me strip down all the ads and the side box and crap, so i can see my contacts just like on WLM9, I'll definitely download it.
@John Scarrow Your 3rd point implies that other than turning off links, you seem to have no particular plans to even KEEP 2009 supported in the first place. Which sucks for those who can't get the latest version due to being on XP due to say, not being able to afford Windows 7. At least release a security update for those guys =/ It's not hard, you guys clearly have the power to silently update MSN without our will, why not do a security update? Perhaps even as I said, just giving links an extra online step before opening the link saying the risk this link may pose, heck, team up with someone like AVG or Zone Labs, they rate links afterall. It's not hard.
Updated: Jan 03, 2008 | Published: Jan 03, 2008
So you want to tell me that this "virus" is been out there for 2 years and NOW you decided to do something about it, and ONLY in the older versions of the messenger cause the new one is more secure?
I can get the new messenger and STILL get to send viruses if i want to (which i don't). What you just told us makes absolutely no sense at all.
You had the power to make an action against our will but you have NO power at all when it comes to undoing it? What i mean is, you claim that the new messenger is more secure (you might not mentioned it but this is what your actions say the least) yet you fail to provide the same option for the older versions, giving the opportunity to EVERY single user of older versions to chose on their own. Don't tell me that you could do a silent update or a manual shutting off of the links but you cannot send an update for older versions that contain the same "safety source" for the new version. That would be at least insulting to all of our IQ's in here.
As for who's advanced or not, people tend to learn you know. Clearly most of us already know that.
You found a "virus" spreading 2 years ago and today, while you launched a new version of the messenger, you fail to provide your services to a committed crowd of people to the messenger. Of course that smells fishy and of course we should be getting paranoid over the idea that you are trying to force us to upgrade into the 2011 version.
If you just turn on the links again and just share your source of 2011 which YOU claim to be secure, as an update for the older versions, this crowd will gain your respect and understand better than what you did right now.
This is a bit of a concern to me. I've used MSN ever since I could remember.
I downloaded the Windows Live Essentials 2011.
It stripped away my ability to personalize my name.
It took away my ability to just talk to my friends without having to dig through mounds and mounds of stupid updates that I don't care about!
I have 2009 and have the ads down at the bottom disabled, because that's not what I want to see when I log on to talk to my friends across the world or my boyfriend across the States.
You say this isn't a "nudge" towards 2011, but your actions speak louder than your text. I've read through all of the comments on this page. It looks as if you, at MSN, made a mistake on this 2011 update.
What you're basically going to do is pull your services on 2009 and force an update. You'll lose far more users than any other update. This is ridiculous!
It took me three days worth of digging to find this.
You say that the "worm" is out of control.
Maybe if half the users weren't STUPID enough to click the link without asking questions, the rest of us INTELLIGENT users wouldn't be suffering with trying to figure out what the next best IM client is.
Yeah, copy and pasting a link isn't that big of a deal, but it's inconvenient. It's inconvenient and it's really annoying. Especially with the links that are longer than a couple characters. There's a silly little thing called "Security options" on my MSN. If I didn't want links to show up, then gosh dammit, I would go into those options and uncheck the bloody box!
I'd consider fixing this as soon as you can. You'll start losing more than just users. Eventually, until you get this fixed, you'll start losing your sponsors, and then you'll start losing money. And we all know you wouldn't want to lose MONEY.
@anesthetic.euthanasia i don't know who you are dude but damn that was poetry
So the worm cannot install if you copy and paste the link into your browser?
If copying and pasting the worm's link (rather than clicking it) doesn't somehow prevent infection, this extremely annoying security measure is almost entirely useless. So thanks for screwing up Messenger!
looks like an old-crap variant of SDBot to me. Who knew that script kiddies still used IRC botnets to this day? Sorry John, I was on yall's side with this till I finally looked into it myself. Although it is protecting the more gullible morons out there from themselves. I'll stay okay with this either way as long as yall don't force 2011 on us.
I'd also be curious if the worm will infect you if you cut and paste the link to a browser.
If so, the MS is telling us that cutting and pasting links is not inconvenient while at the same time relying on the inconvenience of cutting and pasting links to stop the worm.
That's the funny thing. If you copy and paste, it will STILL infect your computer.
This isn't doing anything but forcing the people that aren't intelligent enough to realize that "Oh, hey, this.. probably isn't a link I should be clicking!" to just copy and paste that EXACT SAME LINK into their web browser.
The fact is, if you don't want the possibility of viruses, download 543275894276 different anti-everything onto your computer and never click links.
Don't punish the intelligent for mistakes that other people make.
It's quite -obvious- that it's a malicious link. I've gotten hundreds of them. And you know what I do? I e-mail the person and let them know. And you know what they do?
They get rid of the virus. Because they're smart.
If you don't want the possibility of viruses on your computer...
You probably shouldn't be on the internet.
Do you guys have an estimate on how long this will take? Will we have the active links back by the end of the week?
In the meantime, it would be much appreciated if you gave us the option to turn active links on/off ourselves. I accept the risk I am taking by allowing them, and I will not hold you responsible for any damage that might come to my computer as a result. However, I believe my computer's protection is sufficient to deal with this threat, and I am not too worried about being infected with or without active links enabled.
What i don't understand is, why Microsoft urged to take actions about something in which is not their concern at all. Since you are the providers for a world known IM, in your rules and agreement, there should be (i haven't checked) a rule saying that anything non related to the client of your IM has nothing to do with the product and the team offering the product.
In other words, what a user does with his IM is his own responsibility. And since they want to click on a link being a virus or not, it has nothing to do with your terms and agreement.
But, that's not the strange part. The strange part is, that you indulged such actions days after 2011 version was released. I may sound paranoid about that matter but i believe it's a concrete lie. Why? Simply because you guys never done that before and because WE, the users never chose to ignore one of your updates until 2011 came out. Some will say that there's no way this is a coincidence and i will totally agree with them.
So why is it that all these years that this virus is out there, you NOW decided to call this shot without giving any options to the users who don't want this option and certainly don't want to install your latest product, in which you put a lot of effort and advertised a lot?
I don't know if this means anything or not but this is from Microsoft Service Agreement:
"Your dealings with others. Microsoft may offer goods and services from third parties through the service. If so, for those goods and services your relationship is with the third party only and not with us. You're solely responsible for your dealings with any third party."
I still use MSN Messenger 6 and you know what? It works.
No annoying security features, no advert spam, no in your face attempts to turn the client into a social network. Oh yeah, I almost forgot; I can click links.
It's mighty good to live in the past.
I just wanted to add my two cents over this whole thing.
While I don't think they are forcing us to upgrade or anything underhanded like that, I do believe that its a case of overreaction; maybe you should think about having an option, and if users go into options and choose to enable hot links, then having an automated warning pop up about the virus...
That would be not as intrusive whilst still protecting your customers?
As for WLM 2011, some of the features are good, its prettier for one. And to all people who are raging about the interface, there is a little button you can press to bring up a traditional messenger view.
And the video call update applies to 2009 as well as 2011.
However saying this I don't use 2011, because I can't change my screen name, which is kinda a clincher.
When I read this article I typed several angry rants but finally edited them so much I calmed down and realized that'd just get my post deleted or something. Give us the option to decide if we trust links, refusing to do that would only assure me that this is a scheme to force people into upgrading. I know everyone on my msn and they'd never send me a virus, I'd imagine most cases more or less the same. So if someone made enemies or accepts every invite they get that's their problem and isn't a reflection on Messenger, I don't know why this would even be considered.
I read this blog and laughed, Honestly. These ever so important worms/virus's that Microsoft have so "kindly" made "significant" steps towards stopping have been happening for the last 7 years!
I've been getting this messages, "hey look its a picture of me and you" Well that's a bit dumb considering I've never met this person? I'm not gunna turn around and click the bloody link!
There is already an option to activate or deactivate this in the 2009 version, Why do you need to take our powers of having them enabled or disabled away? The 2011 version is damn well awful I wouldn't recommend anyone to use it, The only good parts is having your face book contacts and such added to your list.
If you really think disabling hyper links is going to stop this virus from spreading your stupid, This type of virus has been around since around 2002. I've had the virus on my pc because I was young and foolish to download it, Even then I managed to remove the virus on my own within 30 seconds of a friend telling me. Anyone that is stupid enough to download the file in the first place which includes me when I was younger, Is too internet-newb to be using the internet.
Removing hyperlinks won't work it will just make the rest of us annoyed and flame you guys, And too all the guy posting. "just use 2011". Why? Do we tell you what brand of milk to drink? No.
End of my rant.
Well, i am happy that somebody from microsoft has taken into consideration (i hope) our comments
Submersible, just hit the nail on the head... And u know what? The people that would have clicked the virus link and have accepted that for some "weird" reason hyperlinking doesn't work, will copy paste the virus link too.. They will also press on the next button on the Link Safety page without even considering anything because it's just the same thing as vista had.. U had to press too many times continue to install a program, even if it was a virus, so u just started pressing that button automatically..
This feature is just annoying. both the disabling of hyperlinking and the link safety page on wlm 11.. But if u are so sure about the success with this approach microsoft, at least give us an option for us "advanced users" to turn all that stuff off.. As "advanced users" i am sure we are ur most active customers and i am sure u don't want to lose us :)
Also, just like Paradox, i would like to know an estimated time this will be fixed, either by giving us the option to disable all this, or enabling hyperlinking again.. It's very very annoying and i think that's very obvious in my previous comment
I would like to add a bitter smile to this. John i'm italian.. Berlusconi is Italian prime minister... Can you even imagine how hard i'm trained in earing fishy smelling excuses every day? And how quickly i can recognize them? So please... you sound like child joke to me, this security feature is just ridicolous.. get serious.
Hey Microsoft. Well done for being jerks.
Maybe it would have been a better idea to stop making Windows Messenger worse with every release rather than basically calling your userbase stupid and forcing those who aren't to move to other clients or put up with this annoying not-actually-helping-anyones-security pointlessness? Ohwaitbutthennoonewouldupgradetotakeadvantageofyourpointlessadditionstoamessengingclientandthenstevebalmerwouldn'tpatyouguysonthebackdevelopersdevelopersdevelopers.
Hey this wasn't my idea!
Really dude, e-mailing someone a link? What year is this, 1995?
Microsoft keeps on worsening MSN in every possible way. WLM is just terrible, you can't even choose your own screen name. Microsoft wants to join the whole social internet thing but in this way it's just failing horribly
It's like Microsoft's products are now being developed by my mother rather than internet geeks or something.
Did I say email links? What would you do if hyperlinks never existed in anything, if you had to copy and paste links to get around the internet rather than clicking things.
@ John Scarrow
I really don't get it. To me this sounds like a cover up and that the Microsoft team does not care about what anyone is saying
You stated, this attack is worse than the others, that there is protection from it in messenger 2011 and that the impact of hits is great.
Now, what I understand when I read this is,
First - You are fully aware of this attack, but DO NOT inform your users. We have to "accidently" stumble upon this blog.
Second - That Microsoft cares not about anyone in an earlier version of messenger because if the team cared, you would have gave a small update for protection to the earlier members instead of just SILENTLY trying to upgrade us to the new messenger.
and Third - If the impact is so great, refer to the comments 1 and 2. Why were we not informed? Why were we not given protection? Why is this STILL the only way the team is informing us?
You state that we are "better than average" drivers and that the hyperlinks being disabled is a nuisance.
Now, my problem with this one is,
I understand full well why the links were turned off. Yes it is a great annoyance because friends and I send hundreds of links a day. The problem I have with this one is I thought my messenger was broken. Thought I had a virus. I was cleaning my computer, wiping things, trying to figure out the problem. THERE WAS NOTHING INFORMING US THEY WERE TURNED OFF! That is why this is an annoyance! No one from the Microsoft team thought to send out an OFFICIAL e-mail stating, "We are very sorry for the inconvenience, but due to a massive spread of a worm through Messenger clients, we will temporarily be turning off hyper links in order to try and protect our users. For more information SEE THIS BLOG!" Hmm.... was that so hard?!?!
You state you are trying to make better security software and that this is not to nudge us to upgrade.
We understand that security is important, but you should secure all your products that are being used, not just one then disable features of another. If that security only works for 2011 then you guys messed up. I am sure you only added and removed features to create the new messenger and didn't scrap the code and redo the entire messenger itself. So minor tweaks should make the security work on older messengers.
Now, the "nudging us to upgrade". Most of us are not going to believe that this is not an attempt to do so. Microsoft has already shown that you will go behind our backs and keep us ill informed. We understand we will not like all the features of the upgrades and that we will miss some of the old ones. But if you are getting people because of the layout you currently have, give us the option to keep it. I loved the sharing folders, I love the photo share, I love being able to share my background, change my background, change the color scheme of my messenger. I love that you let me put my own picture on the header of my contact list. But the new 2011 version to me seems like a downgrade. I seem to have lost many of the features I loved. It was too bulky. After I slimmed it down to look like old messenger, it was still huge. I have a decent sized computer screen, but it took up a lot of the screen.
I just wish that we are given a choice on what is removed and added. This is my favorite messenger, I hate that I am thinking of uninstalling it due to Microsoft's lack of being loyal to it's users. But that's seems to be the way things are now.
Everyone wants to fix what is not broken. Everyone higher up wants to "improve" other's belongings and lives through hidden means. Just how the world is now.
*gives thumbs up to wakachu*
And that fixes that problem. Check, and mate.
@Wakachu That's really nice, but i dont like to screw around in windows files. There should be a normal way to re-enable them
There is a download there for one that is already fixed so you don't have to do it yourself. It's not difficult to replace one file. If you mess it up, the worst that could happen is your messenger won't work properly. Reinstalling it would fix it.
But it would be nice to be able to enable links again without hex editing.
Thanks a lot, mate. Much appreciated.
One thing to note: Before replacing the file, rename the original just in case something goes tits up.
Oh wow. This was funny...
One thing that pissed me off even more, was that, even though I couldn't click on any link, in the upper part of the converation window, there woudl still appear that warning "If you click the following link....". Yeah, right...
So, I thought about giving the 2011 version another try...so, after dealing with the fugly design, obnoxious no-nicknames, and the annoying way photosharing now works, I was still copying and pasting the links, because if i clicked on them, not only I would get the dumbscreen, a lot of the sites would think I'm hotlinking.
Now that there is a solution, that only us 'better than average" users can do, I wonder what is going to come next...
Dudes, this is just sad.
You know what your "Link Safety" in 2011 amounts to? An annoying "be careful" that's of no use to non-savvy users, and a mere annoyance to people who actually know their way around the internet. It's just demeaning and it doesn't help at all.
I will not be upgrading to 2011, because I'm tired of being babied. I'm tired of being told that I can't trust my friends. I'm tired of being told that after seven years of using MSN Messenger (and later, Windows Live) RELIGIOUSLY that I don't know how to spot a suspicious link. I'm tired of being told I have to scan things I receive from my similarly computer-savvy friends for viruses. And I'm NOT going to take this anymore.
I'll be using the hex editor solution someone else posted, and NOT updating. And when you eventually do force the 2011 upgrade, I will stop using Windows Live until you stop beating the poor beleaguered thing into the ground with useless features, useless "security upgrades," and pointless dumbing-down of stuff that used to actually kind of rock.
I'm so disappointed. I've been faithful for so many years, and this is how I'm treated?
This is not what I was hoping to see from Microsoft. It would be even better giving us a choice to chose if we want to enable or disable hotlinks instead "forcing" us to update to WLM 2011, which in my opinion sucks, UI is bad, can't change my nick, also that picture "sharing" thing or w/e it sucks. ;(
I just hope this is not going to last for long, so I can have my hotlinks back, for now I'm gonna use that what Wakachu posted.
Also @Wakachu, thx bro, that works.
Just turn the links back on... this makes no sense. The worm can spread just as easily if the user copy-pastes the address from the chat window, intelligent users won't get affected either way, are you counting on the not so smart users to be idiotic enough to not being able to even copy-paste a link from the window to the address bar on their browsers? Geez.
What? So this is all a scam to force people to update to the latest version of the client? Geez, I tried it out and downgraded it right away, there's no way I'm going to change until there's a patch to remove all of that advertising and tweak the interface.
@maccoutinho: use a-patch.
Well thanks Wakachu. I'd rather not be forced into 2011 and it's a shame I have to edit the program myself to bypass the stupidity of disabling hotlinks. Oh well, thanks again! :D
God bless you. Shame on Micro$oft.
I'm spreading the link all over the web as much as I can, please everyone do the same!
ok, nice job microsoft team protecting us, keep up the good work because we keep on using windows live messenger 2009 even if we have win7, as the 2011 version is way too bad. (it sucks actually)
I have windows Xp and vista service pack 1
so I cannot update to windows live 2011 ,,,,Too bad
my xp one is an old cpu that cannot install Vista and 7
and I thought I'am the only one having this problem
but does that really mean that my computers are infected ??
I really checked it up by Anit-virus many times
but I still feel anxious worried ,,,etc :( !!!
As the support guy getting calls over this, I'm annoyed that the message indicates a connection problem.
This is most definately not a connection problem, it is a security problem; the message should clearly state that this is a security problem that MS is trying to fix.
@Wakachu It worked, awesome.
Still a big BOOO! to microsoft. Strangely since this thread started and we started complaining. Pidgin&aMSN stopped working good on my phone, it gets a lot of ssl/certificate errors. What a coincidence eh?
I hope ms would screw up once more, huge. So we can all step over to skype. I bet Windows live 12 would suck even more, like a commercial survey before you can chat with your friends xD . That's a good idea eh? I'd say, DO it microsoft!
I'm gonna confirm this as a forced update to 2011. There's no more hiding it.
Also to add in, 2011 is a "Recommended" update on Windows Update, and is AUTOMATICALLY DOWNLOADED AND INSTALLED via Automatic Updates, along with every other update. Several people I know ended up getting 2011 installed without any interaction.
It's been almost two weeks now, Microsoft. Shouldn't you at least give us an estimate on how long this will take to fix?
It's not getting fixed. You'll have to use this:
Thank you for the link, Wakachu. It's pretty bad that we have to hack the program to fix Big Brother's stupidity rather than just enabling a setting within the program. I'll be trying this fix ASAP.
Anyone else care to wager that florinr08 was John Scarrow in disguise so he could be able to downtalk us and be snarky in a way that a Microsoft employee could be fired for? They were far too wise, and the ONLY post that was pro-Microsoft. XD
@jbdub82: We've been doing THAT since 6.x of MSN messenger. There's many writeups on getting older versions to sign in w/o a forced upgrade.