Attack code that targets Yahoo Messenger has been published on the Internet, a security researcher warned today, marking the ninth exploit aimed at the popular instant messaging software so far this year.
In a posting to the milw0rm.com Web site, someone identified as “shinnai” disclosed malicious Visual Basic code that allegedly lets attackers feed any file to users of the latest version of Messenger. The exploit code successfully executes on a fully-patched PC running Windows XP SP2, shinnai said, although the effect depends on the security settings of Internet Explorer (IE).
According to an e-mail alert from nCircle Network Security Inc., hackers armed with the exploit could force-feed malware such as a Trojan horse to vulnerable users. It was nCircle that pegged the latest zero-day threat against Messenger as No. 9 for the year.
IE’s security, however, can mitigate an attack. Users running the newer IE 7 with default security settings will probably be protected.
“This latest exploit is another data point in the strong trend toward IM client attacks,” said Andrew Storms, nCircle’s director of security operations. “IM vendors jockeying for market share are trying to lure new users with new features that also open up new risks to end users.”
Yahoo!, Yahoo Messenger, Security, Vulnerability, Flaw, Exploit, Ninth Exploit, Zero-day