
New zero-day Yahoo Messenger bug found


Researchers at McAfee have verified and reproduced a zero-day bug, first reported by Chinese researchers, in the Webcam functionality of Yahoo Messenger.

The bug was reproduced on the most recent version of Messenger as of today, which is V8.1.0.413.

Wrote McAfee researcher Wei Wang:

It seems like a classic heap overflow, which can be triggered when the victim accepts a webcam invite.

Yahoo's security team has been notified of the problem. According to a Yahoo spokesman in an e-mail to InformationWeek:

Since learning of this issue, we have been actively working towards a resolution and expect to have a fix shortly. Yahoo takes security seriously and consistently employs measures to help protect our users.

No exploit code for this new flaw has been published yet. Note that this vulnerability is different from another one that was patched in June.

For now, stop accepting Webcam invites from untrusted sources until a patch for this flaw has been released and installed. McAfee also recommends that you block outgoing traffic on TCP port 5100.
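Once the outbound block on TCP port 5100 is in place, the firewall log shows whether it is actually holding. The script below is an added example, not from the original article or from McAfee: it audits a host firewall log for outbound TCP connections to that port and separates hosts that were blocked from hosts that still got through. The log lines are constructed, and the Windows Firewall style `#Fields:` layout is an assumption about your logging format.

```python
from collections import defaultdict

BLOCKED_PORT = 5100  # port the article says McAfee recommends blocking outbound

# Constructed sample in an assumed Windows Firewall log layout; the addresses are
# private/documentation ranges, not real indicators.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2007-08-16 09:01:12 ALLOW TCP 192.168.1.20 203.0.113.7 49211 5100 0 - 0 0 0 - - - SEND
2007-08-16 09:14:40 DROP TCP 192.168.1.21 203.0.113.7 49302 5100 0 - 0 0 0 - - - SEND
2007-08-16 09:15:02 DROP TCP 192.168.1.21 198.51.100.9 49303 5100 0 - 0 0 0 - - - SEND
2007-08-16 09:20:31 ALLOW TCP 192.168.1.22 203.0.113.80 5100 443 0 - 0 0 0 - - - SEND
2007-08-16 09:22:05 ALLOW UDP 192.168.1.20 192.168.1.1 5100 53 0 - - - - - - - SEND
2007-08-16 09:30:00 ALLOW TCP 203.0.113.7 192.168.1.20 5100 49211 0 - 0 0 0 - - - RECEIVE
"""


def audit_outbound(log_text, port=BLOCKED_PORT):
    """Return {"ALLOW": {src: count}, "DROP": {src: count}} for outbound TCP to `port`."""
    fields = None
    result = {"ALLOW": defaultdict(int), "DROP": defaultdict(int)}
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()  # column order comes from the log itself
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # truncated or malformed record
        rec = dict(zip(fields, values))
        if rec["protocol"] != "TCP" or rec.get("path", "SEND") != "SEND":
            continue  # only outbound TCP is relevant to the recommended block
        # Match the destination port only: a local source port of 5100 is unrelated.
        if rec["dst-port"] != str(port) or rec["action"] not in result:
            continue
        result[rec["action"]][rec["src-ip"]] += 1
    return {action: dict(hosts) for action, hosts in result.items()}


if __name__ == "__main__":
    report = audit_outbound(SAMPLE_LOG)
    for src, n in sorted(report["ALLOW"].items()):
        print(f"NOT BLOCKED: {src} made {n} outbound connection(s) to TCP {BLOCKED_PORT}")
    for src, n in sorted(report["DROP"].items()):
        print(f"blocked:     {src} attempted {n} connection(s) to TCP {BLOCKED_PORT}")
```

Any host listed as NOT BLOCKED is one where the outbound rule has not taken effect; hosts with blocked attempts are still trying to open sessions on that port.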

In the meantime, perhaps you might like to share with us what motivates your choice of IM.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

6 comments
BALTHOR

The only way that a hacker can invade and control a computer is with a virus. As soon as you get on the Internet a virus file is placed in your computer. These viruses could be even in a temp folder on your drive. No virus---no problems.

hlhowell

A worm requires no interaction. A virus is generally a bit of code that self replicates within a system or network. A virus needs a medium to spread (typically an email attachment of some kind). There are a variety of critters that can affect your system. Get and use the best products you can for protection, keep your firewall up to date, and don't open emails or webpages that you are not sure of the content. These are the 20% things that will cover the 80% of problems; the rest is somewhat up to your ISP and your mail filtering, along with the correct updates to your antivirus products. A zero day threat is one that has not been discovered and can be utilized by a black hat to take control of your system in some way. It is called a zero day threat because no one knew about it before, and therefore there is no protection against it yet. When you see an alert like this, check the source. Sometimes people who post them are not knowledgeable. Check the Norton or McAfee or AVG website to see what is available on that threat. There are other places to look as well, but these are consumer oriented and generally easier to understand. Regards, Les Howell

paulmah

What motivates your choice of IM?

martian

Personally, I do use IM. But since most of them end up having so many unnecessary "features" (bloat) I always end up using one of the lesser known clients to connect to the mainstream services. I used to use Gaim (now called Pidgin) but recently moved to MirandaIM for the simple convenience of their portable version, which I use on a usb key. And being an "all-in-one", I can use it for both Yahoo and MSN and four others, should I choose to use them. So it doesn't support webcams. Do I need this? Nope. File transfers? yes for MSN, not sure for the others. But in any case, it serves my needs without having to install a bloated, vulnerable POS, and even better, I don't have to install anything. Remember the days of the old DOS programs that were all self-contained in ONE folder structure and could be moved around and STILL WORK afterwards? Yeah. Like that. My $0.02