Yahoo Messenger Webcam Vulnerability

Yahoo! Messenger is still suffering from a webcam vulnerability reported on a McAfee security blog earlier this week.

The security bug is described as a 'heap overflow' and can only be exploited if you accept a webcam invitation. Until Yahoo issues a patch, you can avoid the problem by simply not accepting webcam invitations unless you know the person sending the invite. It’s advisable to block outgoing traffic on TCP port 5100 until the vendor patches this vulnerability.

Yahoo! to drop support for Y! Messenger 7.5 April 2nd

Yahoo! have started posting on various help pages that support for Y! Messenger 7.0 / 7.5 will be no longer available as of 2nd April 2007 and suggesting we all upgrade to version 8.1

Makes me wonder with the recent intergration with WML, are they looking at a new login system or protocol. Hmmmm.....

IMPORTANT NOTICE
As of April 2nd, 2007, we will no longer offer customer support for Yahoo! Messenger 7.5. We recommend that you upgrade to the latest version of Yahoo! Messenger. We will keep these help pages available online should you continue to use this version and have basic questions that these pages can answer.

Y! Mail & Messenger Together At Last

Well the good folks at Yahoo 7 have finally caught up with Google and intergrated both their mail and messenger service from the mail inbox.

Now you can type an email to a friend, but they come online duing that email you can follow the onlince notifcation and start an instant messege chat! And of course once that chat is finished the transcript can be easily emailed to the user the user.

As this is another new feature to try gain market share over competitors, the service will be rolled out to users in various stages. But if you cant wait that long and need a sneak-peak, the team Yahoo Mail Blog have put together a screencast of the features and how to use the service. (click image below for screencast)

Yahoo! ActiveX Vulnerability

A vulnerability has been reported in Yahoo! Messenger, which potentially can be exploited by malicious people to compromise a user's system in Yahoo! Messenger versions 5.x, 6.x, 7.x, 8.0.x

The vulnerability is caused due to an unspecified error in an ActiveX control and can be exploited to cause a buffer overflow.

The vulnerability is reported in versions obtained prior to Nov 2, 2006. Such buffer overflow's are commonly used by "booter" programs to crash your Yahoo client.

It is strongly recommended that you update to the latest version of Yahoo! Messenger, everytime you log into an older version you will automatically be prompted to update.

Security Update - Yahoo! Messenger

Top IM in Customer Satisfaction

Yahoo! Messenger -- according to a recent customer satisfaction survey conducted by J.D. Power and Associates. For their 2006 Residential Online Service Customer Satisfaction Study, they surveyed 10,787 residential U.S. customers to determine the customer satisfaction index on a 1,000 point scale.

Yahoo came in first, followed by MSN/WLM Messenger, then Windows Messenger. AIM came in last.

There were a couple of interesting trends revealed by the study. First, among customers reporting that they used IM on a regular or occasional basis, almost 70% reported that IM had, to some degree, replaced their use of traditional phones.

But perhaps more revealing was the fact that the percentage of Internet users who use IM regularly was virtually unchanged from last year.

"One of the trends we see in the 2006 study is that the percentage of Internet users who use IM on a daily basis is essentially unchanged from 2005 at 36 percent," said Frank Perazzini, director of telecommunications research at J.D. Power and Associates. "This indecates that some of the usage gains we are seeing in text messaging in our wireless studies are coming at the expense of IM usage."

Here's how the various IM programs ranked (based on a 1,000 point scale):

• 791 - Yahoo! Messenger


• 782 - MSN Messenger (includes WLM)


• 766 - Windows Messenger (preinstalled with XP)


• 766 - Instant Messaging Average


• 746 - Google Talk


• 744 - Trillian


• 743 - AIM/AOL Instant Messenger

ChatPatrol 1.93 supports Yahoo to Windows Live Messenger chat

ChatPatrol v1.93 features support for Yahoo Messenger 8 to Windows Live Messenger chat.

The new version also contains support for multi-party chat when using Windows Live Messenger or MSN Messenger. Now you can invite multiple users to join your secure MSN or Windows Live Messenger chat sessions, the only requirement is that each user has ChatPatrol installed.

ELMTree Software continues to offer compatibility with third party clients like Trillian and GAIM.

ChatPatrol is available for download www.chatpatrol.com

Yahoo Sign-in Seal

In an attempt to help reduce identity theft and phishing scams Yahoo have released a new sign-in feature called Sign-in Seal. This basically works similar to internet banking, but Yahoo lets you create a short Text seal or Image seal or a Sign-in color.

The seal is associated with your computer not your Yahoo ID, so every computer you use you will need create the seal. With the increase in phishing and fake log in sites, especially those on Yahoo Geocities, this should prevent ID theft.