12-05-2003, 01:00 AM
|
|||
|
|||
|
Yahoo Plugs Security Hole In Messenger
Shifter Yahoo this week released a security fix for Yahoo Messenger in response to a report that attacks might take advantage of a buffer overflow vulnerability in the popular instant messaging client. Earlier this week, Danish security firm Secunia issued an advisory noting the vulnerability, which in a worst-case scenario could be used by hackers enticing surfers to a malicious Web site to run code on a compromised machine. The vulnerability is due to a flaw in the ActiveX component yauto.dll used by Yahoo Messenger. The problem, said Secunia’s alert, affects versions 5.6.0.1347 and earlier. According to Yahoo, the vulnerability could affect only those users who have changed the security settings of Internet Explorer from the default ’medium’ to the ’low’ option. Yahoo recommended that users install the most recent version of Internet Explorer and if they’ve changed security settings for the browser, return them to the default setting. Yahoo said it wasn’t aware of any active exploits of the bug, but nonetheless posted a patch for Yahoo Messenger. The fix is available for downloading from the company’s Web site. Links: 
|
 |
| Currently Active Users Viewing This Topic: 1 (0 members and 1 guests) | |
| Topic Tools | |
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| Messenger Plus! 3 BETA Review! | DXtremz | Windows Live Messenger Support | 44 | 09-14-2005 02:32 PM |
| Messenger Plus! 3 Feature List | BigBlueBall News | Windows Live Messenger News | 0 | 05-21-2004 01:00 AM |
| Security Flaw Found in Yahoo Messenger | BigBlueBall News | Yahoo! Messenger News | 0 | 12-03-2003 01:00 AM |
| Yahoo! Messenger Launches ′IMVironments′ With Next Generation of Yahoo! Messenger Service | BigBlueBall News | Yahoo! Messenger News | 0 | 10-22-2001 01:00 AM |
