Almost everyday now there is a worm spreading through instant messaging programs, some new method for tricking chat users. All the big instant messaging networks have suffered from some kind of disease: worms, viruses, phishing and pharming, "overloaded servers" doubled by malicious codes. And since MSN, Yahoo and AOL had all security problems of this kind, it was unavoidable that the solution that encompassed all of them to remain unharmed.

LogicLibrary discovered that Trillian has a vulnerability that allows a hacker to take control of the victim's computer. LogicLibrary is a company that writes solutions for code developers, including bug tracking and security breaches programs before a program is released.

The vulnerability of Cerulean Studios' latest Trillian version 3.1 is triggered by a buffer memory error. This error existed since the version 2.0 and it was reported to the producer.

Cerulean representatives declared that the risk associated with this error is "extremely small" and the attackers should develop a complete instant messaging application in order to be able to transmit a fake IM message to a Trillian user.

The attack only succeeds if the Trillion user confirms the message. Cerulean announced that the new version will fix this vulnerability and recommends all users to pay attention when accepting file transfers or any method of communication with an unknown user.