Critical update for Trillian released

By Justin Mann on June 19, 2007, 11:08 AM
Following the discovery of a fairly severe security flaw, the popular conglomerate messaging suite, Trillian, has been updated. Yesterday, Cerulean Studios released version 3.1.6.0 of the program, which is available for download already. The flaw was initially noticed back in May, but was not made public until recently.

Like many flaws of this nature, it can lead to code execution and ultimately system compromise:

Exploitation of this vulnerability could allow remote attackers to execute arbitrary code with the credentials of the currently logged on user.
Exploitation occurs simply by viewing a malicious message that contains a specially constructed UTF-8 string.

Whether or not people have been affected by this flaw isn't posted on the Trillian blog. If you are using a 3.x branch of Trillian you should update when you can.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.