Update fixes critical vulnerability in Yahoo Messenger
Yahoo Messenger users should install the latest update from Yahoo. It fixes a critical security vulnerability in an Active X control (ymmapi.dll), which could be exploited by an attacker to gain control of a computer. The victim merely needs to visit a prepared website - a link to such a site could, for example, be included in an e-mail. According to Yahoo, Messenger versions prior to 2nd November are affected. Users are prompted to install the update when they sign in to Messenger.
- Yahoo Messenger, click here to download the update
- Yahoo! ActiveX Update, bug report from Yahoo
(trk)