Yahoo Instant Messenger
Yahoo Messenger users are being urged to update to the latest version of the software

Yahoo rushes out IM patch

Release of exploit code for Messenger flaw stings internet portal

Written by Tom Sanders in California

vnunet.com, 11 Jun 2007

Yahoo has released an update for its Instant Messenger software shortly after researchers posted code that exploits flaws in the application. 

Security vendor eEye issued an advisory on Tuesday warning about multiple vulnerabilities in Yahoo's messaging software. 

The 'critical' vulnerabilities in the ActiveX component that controls webcams could allow an attacker to take control of a system by luring users to a specially crafted website or email message.

Researchers took less than 24 hours to create the exploit code after eEye published its advisory. The exploit has since been widely distributed through well known security sources including the Full Disclosure security mailing list. 

Yahoo has urged users of the "All New Yahoo Messenger" to update to the latest version of the software. The application will prompt users of the available update when they sign-on.

See also:

reader comments

related articles

 

Mozilla patches critical Thunderbird flaw

Attackers could remotely execute code on compromised systems 28 Feb 2008

Security

Microsoft warns of new Word attacks

Remote code flaw being exploited 10 Jul 2008

Internet

Microsoft fixes 20 security flaws

Four 'critical' patches in monthly update 15 Oct 2008

latest news

Exclusive: Bell Micro EMEA confims job cuts

Distributor looking to make cost savings of 10 per cent across the business 21 Nov 2008

Avnet looks forward to 2009

Chief executive Roy Vallee reveals why the distributor is confident of riding out the storm 21 Nov 2008

PC growth forecasts slashed by two-thirds

Market watcher downgrades 2009 PC growth expectations from 11.9 to 4.3 per cent 21 Nov 2008

More news

poll

Securing the future

Securing the future

Does the security channel need a governing body?

Previous poll results

Vendor Q&A Session: Rick Wallis, NEC Computers

Vendor Q&A Session: Rick Wallis, NEC Computers

During this Q&A session Rick Wallis, UK Sales Director at NEC Computers, talks about the firm’s reasons for committing to a 100 per cent channel strategy

In the Studio with CRN: Oracle

CRN TV catches up with Alan Hartwell, vice president of technology solutions and channels at Oracle

More CRN TV

events

Channel Expo 2009 logo

Channel Expo 2009

The UK's top reseller exhibition will return to the NEC on 20 May 2009

More Events

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

White papers

Search white papers

Top categories

Primary Navigation