CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
December 5th, 2011

Unpatched Yahoo! Messenger Flaw Allows Status Updates Remote Hijacking

Security researchers have discovered an unpatched flaw in Yahoo! Messenger that allows miscreants to change any user’s status message.

Hijacked status updates are a handy way to persuade a victim’s contacts to click on a link that leads them to a dangerous website. Worse still, the bug in version 11.x of the Messenger client requires minimal user interaction to work, unlike previous exploits that relied on conning prospective marks.

The attacker sends the target what appears to be a file but is actually an iframe that swaps the status message for the attacker’s customized text, as explained in a blog post by net security firm BitDefender. The message might be, and in most attack scenarios would be, sent from outside the targeted user’s contact list.

If successfully executed, the victim will have no indication that his or her status message has been rewritten. The ruse might be used to earn affiliate income by promoting dodgy sites, as well as to direct users towards sites loaded with exploits or scareware scams.

Bitdefender said it has notified Yahoo about the vulnerability. Attacks based on the as yet unfixed flaw have already been detected in the wild, the Romanian security firm warns.

It advises users to change the setting of their IM client to “ignore anyone who is not in your Yahoo! Contacts” (which is off by default) as a precaution pending the release of a patch. In addition, some security suites include a web filter function that ought to defend users from this attack.

Credit: The Register
