Yahoo bug puts 60 million users at risk
The latest version of the popular Yahoo Instant Messenger software has been hit by multiple vulnerabilities which may allow an attacker to hijack another user's machine - putting 60 million users at risk.
The latest version of the popular Yahoo Instant Messenger software has been hit by multiple vulnerabilities which may allow an attacker to hijack another user's machine - putting 60 million users at risk.
According to security researcher Phuong Nguyen, of security firm Vice Consulting, the flaws allow unauthorised execution of programs on an instant messenger user’s machine via buffer overflows or injections of Java or Visual Basic script in the instant messenger content tabs.
‘The net impact is to allow a relatively simple opportunity to hijack users’ YIM client outright, and use it to attack or intrude into YIM users’ supposedly private information systems,’ said Nguyen.
Nguyen explained that potential attackers could use the exploits to request a YIM user’s ID and password and send it to an email address or internet URL, with minimum user intervention required.
Malicious code could readily be hidden in HTML pages or emails with text or images enticing YIM users to click on them.
Yahoo has responded quickly to the threat and has made a patched version of the software available for download on its website.
However, the repaired version will remove some functionality from the software until Yahoo can rewrite it with sufficient security.
The patched version can be downloaded here.
The numbers you crunch tell a story. Your expertis...
22yEmbracing user-friendly AP systems can turn the tide, streamlining workflows, enhancing compliance, and opening doors to early payment discounts. Read...
View articleOrganisations can enhance their financial operations' efficiency, accuracy, and responsiveness by adopting platforms that offer them self-service cust...
View articleIn a world of instant results and automated workloads, the potential for AP to drive insights and transform results is enormous. But, if you’re still ...
View resourceDiscover how AP dashboards can transform your business by enhancing efficiency and accuracy in tracking key metrics, as revealed by the latest insight...
View articleThe shift to cloud-based accounting marks a significant transformation, enhancing efficiency, collaboration, and data security, and setting new standa...
View articleOn February 28, Xero became the latest accounting technology provider to launch a new AI assistant. ‘Just Ask Xero’ or JAX was announced a...
View articleThe collaboration between OCR and AI in automating the AP workflow marks a significant stride towards operational excellence. Read More...
View articleThomson Reuters has successfully acquired Pagero, a Swedish e-invoicing and tax solutions company, for approximately $800 million. The content and tec...
View articleOrganisations can enhance their financial operations' efficiency, accuracy, and responsiveness by adopting platforms that offer them self-service cust...
View articleWith so many accounting software options on the market today, from QuickBooks to FreshBooks to Xero, it can be overwhelming for small business owners ...
View articleThe Horizon scandal has shed light on the crucial role of ethical practices in the accounting technology industry, and underscored the need for transp...
View articleAccountants in industry must upgrade wisely to help their businesses evolve, according to Nick Longden of AccountsIQ Read More...
View article