We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Yahoo fixes Messenger flaw

Yahoo IM client now patched

Yahoo has fixed a serious vulnerability in its Messenger instant-messaging client. The critical bug in Yahoo Messenger could allow hackers to take control of a user's system.

More: Critical flaws found in Yahoo Messenger

Yahoo posted the instant messenger patch last week. The patch fixes a critical flaw in the ActiveX control used by Messenger's Webcam feature. According to security experts, this flaw could be exploited by hackers to install unauthorised software on a victim's PC.

The patch came after two sample attacks that exploited the vulnerability were posted to the Full Disclosure security discussion list.

EEye Digital Security first reported the issue on Wednesday, without disclosing specific details of the bug.

The security vendor considers the flaw to be serious. "ActiveX remote code execution vulnerabilities have very high impacts since the source of the malicious payload can be any site on the Internet," eEye said in its alert.

This is the third time in recent months that Yahoo has had to patch an ActiveX control flaw in Messenger. It patched these other bugs in March and December.

Get the latest PC security news, reviews and downloads here


IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model