Saturday, June 09, 2007

Important Yahoo Messenger Security Update

Yahoo released an update for the messenger program to fix two critical vulnerabilities affecting separate ActiveX controls related to the webcam functionality. As explained by F-Secure:
Very accurate and script-kiddie-friendly exploits are publicly available for both vulnerablities. It is possible that crimeware distributors will start exploiting this for drive-by downloads. Therefore, please install the latest upgraded version of Yahoo Messenger (ver as soon as possible. Yahoo will start distributing the new version soon through an automatic update, but until that happens, you will need to install the new version manually by going to the Yahoo Messenger download page.

Don't wait for Yahoo to make the fix available via their automatic update process. Instead, update Yahoo Messenger as soon as possible.

No comments: