Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Yahoo Messenger Experiences Ninth Zero-day Exploit Of Year

  • Please log in to reply
No replies to this topic

#1 harrywaldron


    Security Reporter

  • Members
  • 509 posts
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:12:37 PM

Posted 21 September 2007 - 08:42 AM

September 19, 2007 (Computerworld) -- Attack code that targets Yahoo Messenger has been published on the Internet, a security researcher warned today, marking the ninth exploit aimed at the popular instant messaging software so far this year.

According to an e-mail alert from nCircle Network Security Inc., hackers armed with the exploit could force-feed malware such as a Trojan horse to vulnerable users. It was nCircle that pegged the latest zero-day threat against Messenger as No. 9 for the year. IE's security, however, can mitigate an attack. Users running the newer IE 7 with default security settings will probably be protected.

Users of Yahoo's IM software should be careful with all files or URLs offered. Using IE 7 or ramping up security for IE 6 can help. It's been a while for me on IE 6, but one quick fix is to go into Advanced mode and change many of the settings for installing items on your PC from Automatic to Prompt.

Yahoo messenger hit with ninth zero-Day exploit of the year

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users