Network News

X My Profile
View More Activity

Yoo-Hoo! Do You Yahoo?

Yahoo! is urging users of its Yahoo! Messenger instant messaging software to update the program with a patch plugging a serious security hole that bad guys could use to break into PCs.

yahoo.jpg

Anyone who downloaded the program prior to Mar. 13, 2007 should download and install the latest version fixing the problem. If you're not sure when you downloaded it and you happen to keep old installer files like I do, look for a file called "msgr8us.exe" in the downloads folder. Check the date and time stamp next to it. If you can't find the old installer file, download the newer version of the IM software.

According to TippingPoint, the security research company that reported the vulnerability, the flaw could be exploited to install spyware on a Yahoo! IM-enabled machine if the user visits a specially crafted, malicious Web site.

By Brian Krebs  |  April 4, 2007; 4:15 PM ET
Categories:  Latest Warnings , New Patches , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Microsoft Issues Emergency Patch
Next: Patch Tuesday Comes Twice in April

Comments

I just updated. That took two minutes.

Then, it took at least 10 minutes to find and uninstall all the additional "features" installed at the same time. I had toolbars in IE7 AND in Firefox. I had something called Yahoo! Internet Mail. I had icons all over everywhere. When you install, you are told you're getting toolbars; you don't have a choice. You're not told (and there is no "custom" install) that you're getting another whole load of crap.

I'm kind of good at this stuff, so I dug it out and ran a registry cleaner. I wonder if the target Yahoo!Messenger user is aware/able/willing to do that.

At least they're warning us about the toolbars. I still think we should be able to decline.

Posted by: catester | April 4, 2007 6:53 PM | Report abuse

Absolutely correct. Yahoo's intrusiveness is far beyond reasonable. It's arrogant, rude, heavily presumptuous and overtly contemptuous of the "common citizen."

This has been their approach for years, when they long ago convinced various phone companies to ship completely unnecessary CD-ROMS to new DSL subscribers of the phone-company-cum-ISP's. If you didn't know any better (that you did not need anything on the CD to establish an Internet connection with your ISP), and inserted it, it went about installing all sorts of stuff which basically dominated your Internet experience - and your computer.

Now that Yahoo IM is "fixed" to force the user into a two-hour cleaning ordeal, never being certain they've eradicated everything unwanted, they demonstrate maximum contempt for their users.

The name "Yahoo" suggests a fun and friendly firm to be "a part of," but the reality appears quite different. Maybe all that cash has suffocated their common decency.

Posted by: Dismayed | April 5, 2007 4:00 AM | Report abuse

While I don't disagree with catester or Dismayed in general, there was an option on my install screen for "Custom Install" which allowed me to only install the IM client.

My beef is that they force you to "opt out" rather than let you "opt in."

Posted by: DLD | April 5, 2007 9:25 AM | Report abuse

DLD - You're right. I just started the installer again, and there IS a custom install option several screens in. I missed it the first time. Thanks.

Posted by: catester | April 5, 2007 3:46 PM | Report abuse

Use GAIM.

Posted by: DOUGman | April 5, 2007 7:32 PM | Report abuse

The problem I have is they make the software push at you so hard that several people end up installing messenger or the toolbar hard to avoid.

While it may be easy for you or me to avoid it I have had to go around to family member's places and remove all these little addons from their computers. The custom install frightens away novice users. Which of course are the same people who will be slow to upgrade.

Posted by: MichaelD | April 5, 2007 7:44 PM | Report abuse

GAIM doesn't have voice!

Posted by: Swashbuckler | April 6, 2007 1:50 PM | Report abuse

Dismayed,
The name,"Yahoo," should have been seen as a warning, not an invitation.
The name in general use comes from the last book of Gulliver's Travels, in which the, "Yahoos," are uncouth, unstrustworthy jerks - and I always thought that should give people pause in their dealings with the company.
dijit44

Posted by: dijit44 | April 6, 2007 3:16 PM | Report abuse

Re: GAIM doesn't have voice!

It will soon, for now you can use Google Talk or Skype.

D.

Posted by: DOUGman | April 6, 2007 9:01 PM | Report abuse

"The name in general use comes from the last book of Gulliver's Travels, in which the, "Yahoos," are uncouth, unstrustworthy jerks"

In Turkish, 'Yahu' is a familiar form of address, literally meaning 'uncouth fellow'. Although quite derogatory when used with strangers, it's used in informal situations quite casually.

In AE, it's meaning lies somewhere between 'dude' and 'jerk' according to context.

Posted by: FreewheelinFrank | April 7, 2007 3:43 AM | Report abuse

Dijit44 & Frank -

Thank you both for the intriguing lexicological lesson(s).

To contribute, I just looked it up myself in my dictionary and besides the Gulliver tales, it also says it means a "boorish, crass or stupid person."

That must be what Yahoo thinks of the consumer, which seems to explain everything.

Posted by: Dismayed | April 7, 2007 4:49 AM | Report abuse

"I just looked it up myself in my dictionary and besides the Gulliver tales, it also says it means a "boorish, crass or stupid person.""

Yes, it's in the Concise Oxford Dictionary. I suspect it's one of several words that have entered the English language from Turkish, along with 'bosh' (empty, foolish) and the more well known 'yoghurt'.

I suppose the internet company could be named after the exclamation of joy, but it that case it should be pronounced Yahoo' rather than Ya'hoo.

Posted by: FreewheelinFrank | April 7, 2007 7:19 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company