ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Online business Toolkit

Yahoo! fills in Messenger hole

Jim Hu CNET News.com

Published: 29 May 2002 11:03 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A security vulnerability that could allow hackers to delete files on someone's computer has prompted Yahoo! to issue a fix for the latest version of its popular instant messaging software.

The vulnerability allows hackers to impose a "buffer overflow" attack, meaning they could imbed a potentially harmful executable program on someone's computer. Using Yahoo! Messenger as its conduit, hackers could delete files or cripple a computer's security.

Yahoo! updated the 5.0 version of its service on Friday after the exploit was discovered. A Yahoo! spokeswoman said the company began on Tuesday to encourage Messenger users to download the new build of the software, which includes a fix for the vulnerability, from Yahoo's Web site.

"Upon learning of the issue, we responded quickly by making an updated version of Yahoo! Messenger available," Yahoo! spokeswoman Mary Osako said in an email.

Osako declined to say how many Yahoo! users were affected, but she reiterated that the update was released for all Yahoo! Messenger users. In April, 19.1 million people in the United States used Yahoo! Messenger, according to Web measurement company Jupiter Media Metrix. Because Yahoo! has many international users, the total number of people potentially affected by the vulnerability is likely much greater.

As of noon on Tuesday, there was no information on the Yahoo! site about the security hole. The vulnerability was first discovered by Vice Consulting, an information technology consulting firm based in Ho Chi Minh City, Vietnam.

Buffer-overflow vulnerabilities are common flaws in IM services. AOL Time Warner has been troubled by such security holes in its AOL Instant Messenger application. Microsoft also issued a warning on its Web site earlier this month informing people of a similar weakness that affected MSN Messenger software. Microsoft chairman Bill Gates has earmarked security as a top priority for the company largely because of the company's increased reliance on its .Net initiative, which will offer software and services over the Internet.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
51 out of 76 people found this useful


Talkback

Post a comment


Full Talkback thread

1 comment

  1. yahoo instant messenger is the best! Anonymous

Related Links

More In Online business


Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

Business Support Commodities ( VBA / Excel / SQL / UNIX ) London

He will fix the desk applications issues in liaising with the IT teams (Development and Infrastructure) and the users to understand their queries and ...

Internet Team Leader

To ensure that all Linux related SLA/KPI availability and fix times are met. Responsibility for maintaining the integrity of the networks ...

Sales Director, Northern EMEA. Global Business Solutions Provider

Within Energy & Utilities, they focus on Generation, Energy Delivery, Fuels, Water, Financial Consulting, Government, and Oil and Gas. My client is a ...

Sentry Posts Blog

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment

The Google Apple Merger: Fantasy or Fu...

The Google Apple Merger: Fantasy or Future? Author: Eric Everson, Founder MyMobiSafe.com Market research suggests that Microsoft controls upwards of 90% of the respective computer-based... More

2 comments

Featured Talkback

I wonder, who needs .asia domain? I cannot imagine, what would be useful for Microsoft.asia? Toyota.asia? Then let's register .europe (if .eu is too short). Or perhaps Microsoft.southamerica, Dell.australiaandnewzealand, Coca-Cola.africa... Sound funny? Then why not just use the global and country domains? Or perhaps it is time to drop the domains at all?

By: LadyRoot

Read full story:
Businesses advised to register .asia domains