What is the BigBlueNetwork?

News Categories

Post a news story

Join other instant messaging fans in our live IRC chat room. Click here to launch our java chat, or visit irc.bigblueball.com #bigblueball

Latest News

News Feeds

Add to My Yahoo!
  Help
  Help

 Got instant messaging questions? Get answers in our forums. Sign up now for free!


Front Page > Site News & Announcements > Instant Messaging News > Yahoo! Messenger News

Yahoo Plugs Security Hole In Messenger

Posted by BigBlueBall News BigBlueBall News is offline on 12-05-2003, 01:00 AM  

Shifter

December 5, 2003


Yahoo this week released a security fix for Yahoo Messenger in response to a report that attacks might take advantage of a buffer overflow vulnerability in the popular instant messaging client.



Earlier this week, Danish security firm Secunia issued an advisory noting the vulnerability, which in a worst-case scenario could be used by hackers enticing surfers to a malicious Web site to run code on a compromised machine.



The vulnerability is due to a flaw in the ActiveX component yauto.dll used by Yahoo Messenger. The problem, said Secunia’s alert, affects versions 5.6.0.1347 and earlier.



According to Yahoo, the vulnerability could affect only those users who have changed the security settings of Internet Explorer from the default ’medium’ to the ’low’ option. Yahoo recommended that users install the most recent version of Internet Explorer and if they’ve changed security settings for the browser, return them to the default setting.



Yahoo said it wasn’t aware of any active exploits of the bug, but nonetheless posted a patch for Yahoo Messenger. The fix is available for downloading from the company’s Web site.



Links:



Reply With Quote

View Comments   Show Printable Version   Email this Page


 

Comments

Reply



Currently Active Users Viewing This Topic: 1 (0 members and 1 guests)
 
Topic Tools


Similar Topics
Topic Replies Last Post
Messenger Plus! 3 BETA Review! 44 09-14-2005 02:32 PM
Messenger Plus! 3 Feature List 0 05-21-2004 01:00 AM
Security Flaw Found in Yahoo Messenger 0 12-03-2003 01:00 AM
Yahoo! Messenger Launches ′IMVironments′ With Next Generation of Yahoo! Messenger Service 0 10-22-2001 01:00 AM

 
All times are GMT -5. The time now is 09:41 AM.
Return to the BigBlueBall.com homepageHome | Contact Us | Privacy Statement | Advertise | Top
Powered by vBulletin® Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0 RC6
Content Relevant URLs by vBSEO 3.0.0 RC6
©1999 - 2008 BigBlueBall.com All rights reserved.