Network News

X My Profile
View More Activity

A Heads-Up For Yahoo! Messenger Users

People who use Yahoo! Messenger to video chat online with friends and family should be extra wary of incoming chat invitations from strangers. Reports suggest the presence of a previously unknown security hole in the software that attackers could use to install malicious software just by convincing recipients to accept a video chat invite.

The warning comes from anti-virus maker McAfee, which says it confirmed the existence of the flaw after reading about it on a Chinese-language security forum. The vulnerability is present in fully patched, current versions of Yahoo! Messenger (version 8.1.0.413).

By Brian Krebs  |  August 16, 2007; 12:02 PM ET
Categories:  Latest Warnings , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Microsoft Fixes 14 Software Security Flaws
Next: Would You Like A Job With That Virus?

Comments

This means McAfee have people who have learned to read Chinese?

Posted by: Rick | August 16, 2007 2:15 PM | Report abuse

I get these unsolicited greetings constantly on Yahoo. They always say hi sexy. Thanks for the warning.

Posted by: ej passeos | August 17, 2007 2:38 AM | Report abuse

I congratulate McAfee on its interest on Chinese Security Forums, that means they are on their toes, as any smart business outfit should be. Back twenty years ago, when my children were about 8 years old, (20 years ago) I told my wife I wanted to take the family to China for about 7 to 10 years. I figured that if they learned to speak, read and write Chinese acceptably, it would open great opportunities for them. Of course, my wife said I was nuts...

Posted by: Carlos E Ferrero | August 18, 2007 5:27 AM | Report abuse

yahoo:
poreno bots.
seldom works correctly.
is not currently working correctly on 8.19/8.20.
poreno bots
poreno bots
yahoo 360 doesn't work
poreno bots
yahoo 360 hasn't worked in six months
poreno bots

Posted by: egalitaire | August 20, 2007 4:48 AM | Report abuse

Yahoo Messenger has a lot more security flaws than mentioned. My fiancée and I, she lives in Ghana West Africa, we are constantly being blocked from chatting with each other. Suddenly we can't see what each other are typing, and we are prompted often that our id doesn't exist, and our passwords are being changed. All of my emails are removed from my accounts, and I have had more than 4 id's hijacked and taken over. Every time I sign into Yahoo messenger, I get a very strong feeling that our chat is being monitored and manipulated, she seeing thing I didn't say, and I'm seeing things she didn't type either sometimes. I am intentionally blocked from chatting with her, while I am able to chat with anyone else in the same Café where she maybe, or one or both of us changing id's.

Posted by: Fred E Robinson Jr | August 20, 2007 10:34 AM | Report abuse

Yahoo has so many problems on messenger, I wonder why they have it. Outside of Yahoo groups, nothing else they have works...

Posted by: pghman | August 20, 2007 1:00 PM | Report abuse


Why is Yahoo still in business? What do they do that someone else doesn't do better? Is it just shear size and inertia that is keeping them alive?

Posted by: me | August 20, 2007 3:15 PM | Report abuse

Yahoo Chat has been down for about a month now. Why don't they fix that? And get rid of ALL the porn bots, and the malicious booters in the rooms.

Posted by: AR | August 20, 2007 5:44 PM | Report abuse

i also used to get such kind of greeting while chatting. thanks you for your information.

Posted by: webmaster | August 21, 2007 3:41 AM | Report abuse

Update/fix released. See:
> http://messenger.yahoo.com/security_update.php?id=082107
Do I need to update Yahoo! Messenger to the new version?
Yes, if you are using a version of Yahoo! Messenger obtained before August 21, 2007...

Yahoo! Messenger 8.1.0.416
> http://www.majorgeeks.com/download.php?det=4235
Date: 2007-08-22
.

Posted by: J. Warren | August 22, 2007 2:01 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company