Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Webmaster / Yahoo News

Yahoo News

I Simply Love Yahoo Messenger, Especially When It Makes Me Vulnerable!

And today, I love YM once again

By Bogdan Popa, Security and Search Engines Editor

16th of August 2007, 09:09 GMT

Adjust text size:


Yahoo Messenger chat window
Enlarge picture
Yahoo Messenger, the software solution that is regarded by some of the users as the only instant messaging client that deserves to be installed on a computer, contains a critical security hole that might really harm your computer. The vulnerability was first published on a Chinese security forum but the folks from McAfee, one of the largest security firms in the world, analyzed it and provided valuable information for all the
Yahoo Messenger fans. First of all, you should know that it affects the webcam support provided by the application so, if you're not one of the ones that love to do live-chatting, then you're free to go.

According to McAfee, the only version of Yahoo Messenger affected by the vulnerability is 8.1.0.413 but other versions might be also unsecure in front the attack. The only exploitation technique discovered until now is sending a webcam invite so, the safest solution to avoid the danger is refusing and denying any unknown or untrusted webcam invitation received by you.

"It seems like a classic heap overflow which can be triggered when the victim accepts a webcam invite. Note that this vulnerability is different from the recently patched one in June which exploited the Yahoo! Webcam ActiveX controls," McAfee notes.

Another solution mentioned by the security company is blocking "outgoing traffic on TCP port 5100 until the vendor patches this vulnerability."

"To mitigate this, we're releasing our NIPS IntruShield signatures today to protect Yahoo! Messenger users from this threat. We shall keep on monitoring this threat and update if we come across anything."

So, we're now expecting a new version of Yahoo Messenger to be released in the upcoming days but what's most important is that this is another sign of vulnerability in one of the most popular chatting software solutions available on the Internet.

TAGS:

 yahoo | messenger | security | webcam | flaw


Rating:
Good (3.5/5) 6 vote(s) so far    

Read by 596 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Yahoo Advertises on Yahoo Messenger

Yahoo Launches Web-Based Yahoo Messenger

How to Get Messenger into Your Yahoo Mail Account!

Yahoo Messenger Goes Crazy! What Should We Do?

Yahoo Messenger, Yahoo Mail and Yahoo Search Go Offline!

Yahoo Messenger Still Unpatched, Users at Risk!

Yahoo Messenger Reaches Another Level

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive