Via InformatonWeek.com -
Yahoo is working on a patch for critical Yahoo Messenger vulnerabilities that could enable a remote hacker to take control of a user's system.
Researchers at eEye Digital Security found the bugs within the last few weeks and reported them to Yahoo on Wednesday, according to Marc Maiffret, co-founder and CTO of the security company. eEye's researchers say there actually are multiple flaws in version 8 of Yahoo's instant messenger client software.
The company gave the bugs its highest security threat rating. "If you're running this, your system could be compromised," said Maiffret. "It allows for remote [code] execution."
"We recently learned of a buffer overflow security issue in an ActiveX control," a Yahoo spokeswoman said in an e-mail to InformationWeek. "This control is part of the code for Web cam image upload and viewing. Upon learning of this issue, we began working towards a resolution and expect to have a fix shortly."
No comments:
Post a Comment