Yahoo releases Messenger security update

Update addresses flaw exploited last week, wherein opening a Webcam invitation could allow a remote attacker to execute malicious code on a compromised machine.

On Tuesday, Yahoo released an updated version of Yahoo Messenger, designed to patch a vulnerability in the Webcam feature first exploited last week.

The China-based exploit causes a heap overflow to be triggered when the target accepts a Webcam invitation. After opening an invitation, a remote attacker could execute malicious code on a compromised machine.

Users who downloaded or had installed Yahoo Messenger prior to August 21 should update to the latest version, Yahoo Messenger version 8.1.0.416.

Featured Video