X
Business
Home Business Social Media

Security makeover for Yahoo Messenger

Eight days after the release of exploit code for code execution holes in the Yahoo Messenger IM client, Yahoo has shipped a new version with patches for its Windows user base.
Written by Ryan Naraine, Contributor
Eight days after the release of exploit code for code execution holes in the Yahoo Messenger IM client, Yahoo has shipped a new version with patches for its Windows user base.

The latest security makeover, which is being distributed via the software's auto-update mechanism, covers two separate vulnerabilities that can be triggered when an attacker tricks the target into accepting a webcam invitation.

[ SEE: Beware of strange Yahoo Messenger webcam invites ]

Yahoo confirmed in an alert that the flaws could open doors to remote code execution attacks.

Some impacts of a buffer overflow might include the introduction of executable code, being involuntarily logged out of a Chat and/or Instant Messaging session, and the crash of an application such as Yahoo! Messenger. For this specific security issue, these impacts could only be possible if an attacker is successful in prompting the Messenger user to accept a webcam invitation.

This is the second major security makeover for Yahoo Messenger this year.

Editorial standards
Show Comments

Related

Linus Torvalds and Dirk Hohndel, Open Source Summit North America 2024

Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

penguin holding an apple on Sonoma background

6 features I wish MacOS would copy from Linux

Placeholder product image alt text

The best AI image generators to try right now