Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Webmaster / Yahoo News

Yahoo News

Yahoo Messenger Updated, Waiting For Your Download

Webcam vulnerabilities fixed

By Bogdan Popa, Security and Search Engines Editor

27th of August 2007, 09:49 GMT

Adjust text size:


Yahoo Messenger for Vista
Enlarge picture
One week ago, it was discovered that Yahoo Messenger contains two security holes in its webcam support that might allow an attacker to obtain higher privileges on an affected computer. At that time, the security companies from all over the web encouraged users to avoid using the YM webcam functions or at least, to use the features only with the trusted consumers. Everyone was waiting for the
official update to be rolled out by the parent company Yahoo because it was the only one which was able to bring the functionality back. Well, it is finally here so, if you want to use the webcam support and remain secure in the same time, you should update your Yahoo Messenger now.

According to the security notification published by Yahoo, all the users who installed the application before August 21, 2007 should update the application to the recently release version. "If your computer has installed Yahoo! Messenger before August 21, 2007, you should install the update. Installing the update helps protect against exploits of this issue that may be developed," it is mentioned in the advisory.

As usual, the update is distributed through the auto-update function implemented in Yahoo Messenger but you are also able to fix the patch manually by downloading the latest version of the application.

"A denial-of-service attack (also known as DoS attack) is an attack on a computer system that causes a loss of service to users. For this specific security issue, the Yahoo! Messenger exits unexpectedly after accepting a webcam invitation from a malicious attacker. Some impacts of a buffer overflow might include the introduction of executable code, being involuntarily logged out of a Chat and/or Instant Messaging session, and the crash of an application such as Yahoo! Messenger."

"For this specific security issue, these impacts could only be possible if an attacker is successful in prompting the Messenger user to accept a webcam invitation," the folks working at the Sunnyvale company tried to describe the vulnerability.

TAGS:

 yahoo | messenger | security


Rating:
Good (3.0/5) 9 vote(s) so far    

Read by 1,230 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Yahoo Advertises on Yahoo Messenger

Yahoo Launches Web-Based Yahoo Messenger

How to Get Messenger into Your Yahoo Mail Account!

Yahoo Messenger Goes Crazy! What Should We Do?

Yahoo Messenger Still Unpatched, Users at Risk!

Yahoo Messenger Reaches Another Level

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive