Graphical malware stopped in its tracks
By Jim Hu
Published: 16 August 2004 17:15 GMT
Yahoo! issued a security patch to fix a potential vulnerability in its latest instant messaging software, the company has announced.
The patch repairs a security hole stemming from Yahoo! Messenger's use of the portable network graphics - or PNG - format, an open-source code the program uses to display certain images, such as buddy list avatars.
The most critical issue, a memory problem known as a buffer overflow, could allow specially created PNG graphics to execute malicious programs when a vulnerable application loads an image.
Yahoo! posted a security update on its Yahoo! Messenger site.
"This affects users on the all new Yahoo! Messenger," said Yahoo! spokeswoman Terrell Karlsten. She added that the patch will not change any functionality on the service.
The site pointed specifically to a warning issued last week by the United States Computer Emergency Readiness Team's web site about the PNG vulnerability.
The security problems are in a library that lets applications such as browsers and instant messaging software handle PNG. The library is widely used by programs such as the Mozilla and Opera browsers and various email clients, but has also found its way into Microsoft's Internet Explorer, Apple's Mail software for the Mac OS X and Yahoo! Messenger for Windows. Most of these applications have been patched.
Jim Hu writes for CNET News.com
You will also have good experience of constructing sites to W3C and WAI standards for multiple browsers and of using JavaScript, and you will ...
One of our key clients is an independent, stable and well respected corporate data security specialist with a burgeoning Penetration Testing and ...
It is essential that candidates have in depth knowledge of VOIP, Networks, Telephony, instant messaging, Server Technology, Infrastructure System ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy