14 DAY TRIAL // A lot of users are looking for a Yahoo Messenger alternative in order to find a better software solution able to provide different functions than the ones offered by the main instant messenger created by Yahoo. Trillian is one of the most popular solutions able to replace Yahoo Messenger but the recent security advisories are not encouraging users to install the application. Today, security company Secunia wrote about a new highly critical security flaw discovered in Trillian that can allow an attacker to compromise an affected system.
"The aim:// URI handler does not verify certain parts of the "aim://" URI before writing it into a file specified via the unverified "ini=" parameter. This can be exploited to e.g. write a batch file into the Windows "Startup" folder that starts an attacker-defined application by tricking a user into following a specially crafted "aim://" URI," Secunia wrote in the security notification.
According to Secunia, the security hole was confirmed only in Trillian Basic 3.1.6.0 but other versions of the application might be also affected by the flaw. The solution is to avoid browsing untrusted pages and to disable the "aim://" URI handler.
There are a lot of applications able to replace the classic Yahoo Messenger provided by the Sunnyvale company but, when you see all these vulnerabilities, the basic instant messenger looks better than any other alternative.
But Yahoo Messenger is also a vulnerable application and this was proved several times but other security notifications rolled out by the research companies. Even the parent company Yahoo confirmed them but the employees worked quite fast and managed to repair them in no time.
Yahoo Messenger is one of the most powerful instant messaging clients on the Internet, providing an impressive number of well-developed communication features. If you want to download the latest version of Yahoo Messenger, you can take it straight from Softpedia.