
Yahoo Fixes Another Buffer Overflow Vulnerability in Messenger


Severity: Medium

30 August, 2007

Summary:

Late yesterday, Yahoo released an update that fixes a security vulnerability affecting any version of Yahoo! Messenger installed before August 29, 2007. By enticing a Yahoo! Messenger user into visiting a malicious Web page, an attacker can exploit this new flaw to execute code on that user’s computer, and possibly gain full control of it. If you use Yahoo! Messenger in your network, or suspect that your users have installed it, either remove it or install the latest version.

Exposure:

Yahoo! Messenger is one of the many Instant Messaging applications that allow users to send real-time, pop-up messages to each other over the Internet. Instant Messaging is popular enough that your users might have installed the Yahoo! Messenger client on a company computer whether or not your policy authorizes it.

Yesterday, Yahoo released an advisory describing a buffer overflow vulnerability in an ActiveX control that ships with all previous versions of Yahoo! Messenger. The buffer overflow flaw lies specifically in the ActiveX control called YVerInfo.dll. By tricking one of your Yahoo! Messenger users into visiting a maliciously crafted Web page, an attacker could exploit this flaw to execute code on your user’s computer, with your user’s privileges. If the user has local administrative privileges, the attacker could gain total control of the user’s machine.

If you read WatchGuard Wire, you may remember our post about a similar vulnerability in Yahoo! Messenger, caused by a flaw in a webcam ActiveX control. Yahoo fixed that flaw as well, last week. By installing this Yahoo! Messenger update, you fix both this new vulnerability and that older one.

Solution Path:

Even if your organization does not officially endorse the use of unsecured Instant Messaging, employees sometimes persist in trying to sneak Instant Messaging software onto company machines. If you suspect some of your users have installed Yahoo! Messenger, consider forwarding a warning about this vulnerability to all the users on your network. If your company policy does call for the use of Instant Messaging, you should download and install the latest version of Yahoo! Messenger (8.1.0.419).

For All Users:

This attack travels as normal-looking HTTP traffic, which you need to allow so your network users can access the World Wide Web. Therefore, installing the Yahoo update is your best solution.
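To find machines that still need the update, the following PowerShell sketch checks a Windows host for Yahoo! Messenger installs older than 8.1.0.419 and for copies of YVerInfo.dll. It is an added example, not code from Yahoo or from the original advisory. It assumes the installer registers an Uninstall entry whose DisplayName contains "Yahoo! Messenger" with a dotted DisplayVersion; the function names are hypothetical.

```powershell
# Added example: inventory check for Yahoo! Messenger below the fixed release.
# Assumption: the installer writes an Uninstall registry entry whose DisplayName
# contains "Yahoo! Messenger" and whose DisplayVersion is a dotted version string.
$FixedVersion = [version]'8.1.0.419'   # fixed release named in the advisory

# Machine-wide (native and 32-bit-on-64-bit) and per-user install records.
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-YahooMessengerStatus {
    foreach ($root in $UninstallRoots) {
        Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -like '*Yahoo! Messenger*' } |
            ForEach-Object {
                $parsed = $null
                # A missing or unparseable version is reported as UNKNOWN, not skipped.
                $ok = [version]::TryParse([string]$_.DisplayVersion, [ref]$parsed)
                $status = if (-not $ok) { 'UNKNOWN' } elseif ($parsed -lt $FixedVersion) { 'NEEDS UPDATE' } else { 'UPDATED' }
                [pscustomobject]@{
                    Computer = $env:COMPUTERNAME
                    Name     = $_.DisplayName
                    Version  = $_.DisplayVersion
                    Status   = $status
                    Location = $_.InstallLocation
                }
            }
    }
}

function Find-YVerInfo {
    # Locate copies of the affected ActiveX control by file name, including
    # copies left behind where no Uninstall entry remains.
    $dirs = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
    Get-ChildItem -Path $dirs -Filter 'YVerInfo.dll' -Recurse -ErrorAction SilentlyContinue |
        Select-Object FullName, LastWriteTime,
            @{ Name = 'FileVersion'; Expression = { $_.VersionInfo.FileVersion } }
}

Get-YahooMessengerStatus | Format-Table -AutoSize
Find-YVerInfo | Format-Table -AutoSize
```

The HKCU check only covers the account running the script, so per-user installs under other profiles need a run in each user's context or a scan of the loaded user hives.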

Status:

Yahoo has released an update to fix this vulnerability.

References:

Secunia’s Yahoo! Messenger Security Advisory

Written by bardissi.