We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Three 'critical' bugs in Trillian IM app

Instant messaging users told to update now

Instant messaging client Trillian harbours three critical vulnerabilities that could be used to hijack their Windows Pcs, according to 3Com's TippingPoint security unit and bug tracking firm Secunia. TippingPoint has posted advisories for each, while Secunia collectively ranked the three as "highly critical" problems, its second-highest threat rating.

The bugs include one within the header parsing code for Microsoft's MSN instant messaging protocol, said TippingPoint's alerts; another involves how Trillian's talk.dll parses XML data; and a third is within messages sent via AOL's AIM instant messaging network.

The first two can be exploited by attackers without tricking the user into helping - simply receiving a maliciously-crafted message triggers those bugs - but the third requires recipients to open a malformed image file, said TippingPoint. All three could be used by hackers to remotely inject their own code onto the PC, added the security company.

Trillian is one of several IM clients that support multiple IM services, and lets users chat with contacts on AOL's, Microsoft 's and Yahoo 's networks, as well as people using ICQ or IRC.

Trillian's developer, Cerulean Studios, has updated the IM client to version 3.0.10.0 to patch the bugs. Version 3.0.10.0 can be downloaded from the Cerulean Studios website. Trillian runs on Windows 98, 2000, ME, XP and Vista.


IDG UK Sites

Samsung Galaxy Note 4 review: Great if you like big, expensive phones

IDG UK Sites

Why Sony's PS4 2.0 update is every gamer's dream (well, mine at least)

IDG UK Sites

This Grolsch ad combines stop-motion & CG for majestic results

IDG UK Sites

Apple rumours and predictions for 2015: What to expect from Apple in 2015