YIM and AIM under attack from zero-day exploits

By Justin Mann on September 19, 2007, 4:28 PM
Just when Yahoo thought they'd fixed up their messenger, new exploits surface. Today, both AOL Instant Messenger and Yahoo Instant Messenger had vulnerabilities disclosed for them from third party sources.

The exploit on the AIM side isn't terribly severe, at least according to Secunia, whom is rating the AIM exploit as “Less Critical”. It can be exploited if you accept anonymous messages, so disable those if you are concerned about the issue.

For Yahoo, it's a bit bigger of an issue. This is not good news for YIM, which is now dealing with the third severe hole found in the past three months. Example code is linked which can demonstrate the vulnerability, and it could easily lead to a machine being compromised.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.