Critical vulnerability discovered in Trillian

Jun 19, 2007 16:06 GMT

Trillian, the famous Yahoo Messenger alternative, is not an entirely secure replacement for the popular instant messaging client, because it contains a critical security flaw that might harm users' computers. According to security company Secunia, Trillian Basic 3.x and Trillian Pro 3.x contain a highly critical vulnerability that can allow an attacker to compromise an affected system. The vulnerability appears to exist in version 3.1.5.1, but other releases might also be affected.

"The vulnerability is caused due to a boundary error when word-wrapping UTF-8 strings in a message window. This can be exploited to cause a heap-based buffer overflow when a user views an overly long, specially crafted message using e.g. the MSN protocol," Secunia mentioned in the security advisory.
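The page does not show the affected code, so the following C example is an added illustration of the bug class the advisory names, not Trillian's code and not taken from the advisory. It assumes a hard wrap at a fixed column count rather than at word boundaries, and `wrap_utf8` and `utf8_len` are hypothetical names; the point is that the column limit counts characters while the buffer limit counts bytes, and that inserted line breaks also consume output space.

```c
#include <stdio.h>
#include <string.h>

/* Sequence length implied by a lead byte; 0 for a continuation or invalid
 * byte. Overlong and out-of-range encodings are not rejected here. */
static size_t utf8_len(unsigned char b)
{
    if (b < 0x80) return 1;
    if ((b & 0xE0) == 0xC0) return 2;
    if ((b & 0xF0) == 0xE0) return 3;
    if ((b & 0xF8) == 0xF0) return 4;
    return 0;
}

/* Hard-wrap in[0..in_len) at `width` characters per line into out.
 * Returns bytes written (excluding the NUL), or -1 if the input is malformed
 * or the result would not fit in out_cap bytes. Hypothetical helper. */
long wrap_utf8(const char *in, size_t in_len, size_t width,
               char *out, size_t out_cap)
{
    size_t i = 0, o = 0, col = 0;

    if (width == 0 || out_cap == 0)
        return -1;
    while (i < in_len) {
        size_t n = utf8_len((unsigned char)in[i]);
        if (n == 0 || n > in_len - i)          /* bad lead or truncated tail */
            return -1;
        for (size_t k = 1; k < n; k++)         /* continuation bytes: 10xxxxxx */
            if (((unsigned char)in[i + k] & 0xC0) != 0x80)
                return -1;
        size_t need = n + (col == width);      /* sequence plus inserted '\n' */
        if (need >= out_cap - o)               /* always keep one byte for NUL */
            return -1;
        if (col == width) { out[o++] = '\n'; col = 0; }
        memcpy(out + o, in + i, n);            /* never splits a sequence */
        o += n; i += n; col++;
    }
    out[o] = '\0';
    return (long)o;
}

int main(void)
{
    /* Constructed sample: 7 characters, 10 bytes ("ab", e-acute, "cd", euro sign, "e"). */
    const char *msg = "ab\xC3\xA9" "cd\xE2\x82\xAC" "e";
    char small[9], ok[12];  /* 9 = chars + break + NUL; 12 = bytes + break + NUL */
    printf("char-sized buffer: %ld\n", wrap_utf8(msg, 10, 4, small, sizeof small));
    printf("byte-sized buffer: %ld\n", wrap_utf8(msg, 10, 4, ok, sizeof ok));
    return 0;
}
```

A buffer sized from the character count is refused instead of being overrun, and a message that ends in the middle of a multi-byte sequence is rejected before any copy takes place.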

As usual, the most effective way to avoid exploitation of the vulnerability is to update the application to its latest version, in this case 3.1.6.0.

As you can see, security flaws are discovered in every type of software, but in some cases they might cause even more trouble than we expect. In this case, the attacker can see private discussions held through the instant messaging client, as he is able to affect the chat protocols.

In the past, even applications that were supposed to protect our computers, such as antivirus products or firewalls, showed us that no program is 100 percent effective, as hackers managed to exploit them too. Whether it was Kaspersky, McAfee or Norton Antivirus, they were all vulnerable to attacks due to more or less critical security flaws. Fortunately, the parent companies managed to patch them quickly enough to avoid considerable damage and distributed the fixes to all the affected users. You're always encouraged to avoid opening untrusted programs, links and messages, so if you want to remain secure, work with extreme caution.