Yahoo Messenger's Webcam invites may cause trouble

A new zero-day attack uses Yahoo IM Webcam invites to infect PCs.

There's a new zero-day attack in progress against Yahoo Messenger users. The instant messaging solicitation invites users to open their Webcam. However, the code used in this China-based exploit causes a heap overflow to be triggered when the target accepts a Webcam invitation. That means a remote attacker could execute malicious code on a compromised machine.

The McAfee security blog recommends the following: do not accept Webcam invites from untrusted sources until a patch is released, and block outgoing traffic on TCP port 5100 on your firewall until a patch is released.

Yahoo has been informed and says it is working on a patch.

Featured Video

Google Cardboard getting an upgrade?

The virtual reality headset may come in a new form this year. Meanwhile, the Super Bowl was streamed online in record numbers, and there are theories to why Venmo had troubles after the big game.

by Bridget Carey