I think the point here should be to provide feedback to the MSN team on this vulnerability (I think it is).

I don't believe leeappdalecom's friend would unwittingly send him a malicious link (can you confirm this leeappdalecom?). I'm assuming the messege was somehow hijacked during transmission and this should not be possible. If the messege was sent from MSN or live messenger then the MSN team should at least please look into this. My niece (10yrs old) uses this IM frequently with her friends, they would just click on the links!