Yahoo! Messenger Security Update: Live Show-ers Beware

Users of the popular/ubiquitous/bane of corporate IT people Yahoo! Messenger are advised to update to the latest version (8.1.0.401) of the said instant messaging application due to the existence of two ActiveX vulnerabilities.

The said vulnerabilities are ActiveX buffer overflows that can lead to remote code execution. These ActiveX controls are related to YM’s Web cam capabilities (so you live show-ers are mostly affected).

Related to this topic, Trend Micro has detected a new malware that specifically exploits these YM vulnerabilities. Dubbed as JS_DLOADER.NSP, this JavaScript malware exploits the YM vulnerabilities to download another malware.

By this time, YM should have prompted you to download the update, unless you’re the type to ignore updates. I suggest you do so, now. Your live show will have to wait.

June 12th, 2007

4 Comments

Jump to comment form | Comments RSS | Trackback URI | Tags:
  • http://fireeyedboy.com Jeff

    Bah, I use http://webmessenger.yahoo.com/ instead

    until YM for Vistacomes out

    btw, im at work. lousy XP here. heheh

  • http://awbholdings.com/techwatch Arbet

    Some companies block Web YM as well.

  • http://fireeyedboy.com Jeff

    hmm.. did i say system admin ako? here, i am god. mwahaha.

  • http://awbholdings.com/techwatch Arbet

    Sumbong kita he he.

  • Ads

  • Ads

    Cdjapan Manga

  • Sections

  • Entrecard

<