June 8, 2007 7:48 AM PDT
Yahoo releases critical security patch for IM
Messenger users' computers could be at risk if they visit malicious Web sites or view other malicious HTML code. The attackers could then exploit security flaws in the Yahoo Webcam ActiveX control, a software package that is downloaded with Messenger.
eEye Digital Security discovered the flaw and reported it to Yahoo earlier this week. eEye gave the problem its highest risk rating; fellow security company Secunia did the same, labeling it "extremely critical." Yahoo issued the patch in an update on Thursday.
In December, Yahoo issued a "highly critical" update to address another ActiveX security flaw in Messenger. The vulnerability was found in the ActiveX control for Yahoo's services suite, which could be exploited to launch a buffer overflow attack.
6 commentsJoin the conversation! Add your comment