Yahoo plugs Messenger hole

By Joris Evers
Staff Writer, CNET News

Related Stories: Yahoo Mail integrates IM
February 12, 2007; Yahoo's IM update: A Trojan horse of surprises
December 15, 2006; Yahoo Messenger releases security update
December 15, 2006

Yahoo this week released an updated version of its instant messaging application to fix a vulnerability in the audio conferencing feature. If exploited, the security hole could give an attacker full control over a Windows computer running the vulnerable software, Yahoo said on its Web site. All versions of Yahoo Messenger downloaded before March 13 are affected, the company said.

For a hack to succeed an attacker would have to trick a Yahoo Messenger user into viewing a malicious Web page, Yahoo said. The flaw lies in an ActiveX control, a small program that can typically be invoked from Internet Explorer. Yahoo will notify its users to install the update over the next several weeks, the company said.

See more CNET content tagged:
audioconferencing, Yahoo! Inc., Yahoo IM, security

Add a Comment (Log in or register)

Yahoo for Mac OS 10
by wayland.ind April 4, 2007 7:04 PM PDT: i wonder when yahoo is going to have an active development team for their Macintosh messenger.
it's ridiculous to see them releasing an update every 3 years. i hope MSFT makes the next MSN version so you can communicate with yahoo users.; Reply to this comment

Latest tech news headlines

The royal family's Twitter feed: One is confused
Posted in Technically Incorrect by Chris Matyszczyk

July 11, 2009 12:13 PM PDT
Shuttle launch delayed to assess lightning strikes
Posted in The Space Shot by William Harwood

July 11, 2009 10:08 AM PDT
A high-quality image projector on your smartphone?
Posted in Geek Gestalt by Daniel Terdiman

July 11, 2009 6:00 AM PDT
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Yahoo (2.61%) 0.38 14.93; Dow Jones Industrials (-0.45%) -36.65 8,146.52; S&P 500 (-0.40%) -3.55 879.13; NASDAQ (0.20%) 3.48 1,756.03; CNET TECH (0.36%) 4.57 1,262.65

Inside CNET News

Scroll Left Scroll Right

The Space Shot
Shuttle launch delayed to assess lightning strikes
Lightning strikes at launch pad 39A Friday forced NASA to delay the shuttle Endeavour's launch 24 hours, from Saturday to Sunday, to assess possible effects on critical systems.
Gallery
Photos: Top-rated reviews of the week
Technically Incorrect
The royal family's Twitter feed: One is confused
The British monarchy, a fairly tech-literate crowd, decides to embrace Twitter. However, though it claims not be to following anyone, evidence suggests the contrary.
Beyond Binary
Microsoft aims for Silverlight at end of the tunnel
The software maker concedes it has a long way to go to reach the ubiquity of Adobe's flash, but notes it has come a long way in a little less than two years.
Video
Video: iPhone 3G S launch in New York City
Digital Media
Report: MySpace to push deeper into entertainment
News Corp. has plans to turn MySpace into an entertainment portal. How much more entertainment can the site add?
Video
A recipe for high-tech chocolate
Geek Gestalt
A high-quality image projector on your smartphone?
The technology isn't here yet, but microdisplays from Micron may soon make it possible to use smartphones to project high-quality images anytime, anywhere.
The Space Shot
Weather threatens Saturday shuttle launch
A month late because of a now repaired hydrogen leak, NASA is preparing the shuttle Endeavour for launch Saturday on a 16-day space station assembly mission.
Gallery
Photos: A smartphone as a movie projector?
The Audiophiliac
How to: Get the most out of your subwoofer
Experts discuss the ins and outs of subwoofer performance on a Home Entertainment magazine podcast.
Green Tech
Chasing the Toyota Prius' 50-mpg nirvana
CNET News' Martin LaMonica, an early buyer of the 2010 Toyota Prius, finds that the car gets good mileage but there's clearly more to learn.