The alert, issued Wednesday, said that the vulnerability affected MSN Messenger's chat feature, which allows multiple messenger users to exchange text messages in a separate ActiveX-based window.
Hackers can exploit the vulnerability to impose a buffer-overflow attack, the alert said. Buffer-overflow vulnerabilities allow hackers to execute potentially harmful programs on a victim's computer that could delete files or cripple the system's security.
Attackers can issue the buffer overflow through e-mail that contains HTML or a malicious Web site, the notice added.
To plug the vulnerability, people must download an updated version of MSN Messenger or Exchange Instant Messenger. They can also download an updated version of MSN Chat control from its chat Web site.
Microsoft Chairman Bill Gates has made security aat the software giant. The company has come under criticism routinely for security and privacy weaknesses in its software. Now that Microsoft is focusing on its .Net initiative, which strives to offer software and services over the Internet, the issue of security and privacy has become more critical.
In February, security specialists called attention to a browser glitch that left MSN Messengerto a fast-spreading worm.
Also around that time, a glitch in the company's similar Windows Messengersome people from staying connected to the service. Users of MSN Messenger seemed less affected by the problem.