A patch for YIM has been released, in response to a zero-day vulnerability being discovered. The flaw is so severe that Yahoo crafted and released the patch in less than a single day after first discovery, and have released a security advisory regarding it, urging anyone using YIM to update immediately. The problem, initially discovered and reported on early this week, affects Yahoo Messenger 8.0 and 8.1 running in Windows. The Mac and Linux Yahoo clients are not affected.

If you use YIM on Windows, you can update to the newest version at Yahoo's site. Given the particularly critical nature of the exploit, it is a good idea to update as soon as possible.