Yahoo Messenger flaw is unpatched. The zero-day flaw allows remote attackers to mess with users' status messages. It affects Yahoo Messenger right up to the recently-released 11.5.0.152-us version. Bitdefender security researchers warned that this type of attack is dangerous due to basic trust principles. Your friends and family see your status update, and if it contains an innocent looking link, they would be a lot more likely to click-through than if they just received unsolicited spam. The flaw is exploited when the rogue attacker simulates sending a file to a targeted user. The bogus file transfer tricks Messenger into loading an iFrame which then changes the status message to whatever the attacker wants it to be. The iFrame comes over as a regular message from another Yahoo Instant Messenger user, even if the user isn't in the victim's contact list. You should change your Yahoo Messenger settings to ignore people not on your contact list if you are worried about being targeted, but that won't stop your friends status messages from being changed, so stay vigilant. Permalink | Comments |
Sunday, December 4, 2011
Yahoo Messenger exploit spams your friends
Subscribe to:
Post Comments (Atom)
Total Pageviews
My Blog List
-
-
-
-
-
-
-
-
26 Beautiful Horse Pictures7 years ago
-
The Passing of Neil Peart4 years ago
-
Happy International Rush Day!3 days ago
-
-
-
-
-
Popular Posts
-
https://www.youtube.com/watch?v=ME-bLr7mGL4&feature=youtube_gdata_player
-
Think Floyd - "The Definitive Pink Floyd Experience" live in concert - UK 2014 Tour | All Pink Floyd ... https://www.google.com/ur...
-
https://www.youtube.com/watch?v=QS29hC5sKzM&feature=youtube_gdata_player
No comments:
Post a Comment