Zero-day exploits attack Yahoo, AOL instant messengers

Code could put millions of IM users at risk to new attacks.

Zero-day exploit codes targeting Yahoo and AOL instant-messenger services could put frequent IM users at risk to new attacks.

A non-vendor disclosed vulnerability within Yahoo Messenger has been exploited by two different code releases Wednesday. This is the third security glitch for Yahoo Messenger in as many months. There is no workaround or patch available yet for these exploits.

A second non-vendor disclosed vulnerability in AOL Instant Messenger targets how users are notified of new IMs. Security vendor Secunia recommends that current AIM users disable that option until a patch is available.

ZDNet blogger Ryan Naraine has more information and links to the exploit codes.

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

The Next Big Thing

Consoles go wide and far beyond gaming with power and realism.