September 19, 2007 (Computerworld) -- Attack code that targets Yahoo Messenger has been published on the Internet, a security researcher warned today, marking the ninth exploit aimed at the popular instant messaging software so far this year.
According to an e-mail alert from nCircle Network Security Inc., hackers armed with the exploit could force-feed malware such as a Trojan horse to vulnerable users. It was nCircle that pegged the latest zero-day threat against Messenger as No. 9 for the year. IE's security, however, can mitigate an attack. Users running the newer IE 7 with default security settings will probably be protected.
Users of Yahoo's IM software should be careful with all files or URLs offered. Using IE 7 or ramping up security for IE 6 can help. It's been a while for me on IE 6, but one quick fix is to go into Advanced mode and change many of the settings for installing items on your PC from Automatic to Prompt.
Yahoo messenger hit with ninth zero-Day exploit of the year