TechSpot means tech analysis and advice you can trust. Read our ethics statement.
Following the discovery of a fairly severe security flaw, the popular conglomerate messaging suite, Trillian, has been updated. Yesterday, Cerulean Studios released version 188.8.131.52 of the program, which is available for download already. The flaw was initially noticed back in May, but was not made public until recently.
Like many flaws of this nature, it can lead to code execution and ultimately system compromise:
Exploitation of this vulnerability could allow remote attackers to execute arbitrary code with the credentials of the currently logged on user.
Exploitation occurs simply by viewing a malicious message that contains a specially constructed UTF-8 string.
Whether or not people have been affected by this flaw isn't posted on the Trillian blog. If you are using a 3.x branch of Trillian you should update when you can.