Yahoo! users are urged to upgrade their instant messaging software following the discovery of a brace of security vulnerabilities - the second set of serious security flaws involving Yahoo! Messenger in as many weeks.

The latest security bugs both stem from stack-based buffer overflow flaws in the YVerInfo.dll ActiveX control. Successful exploitation, which is far from straightforward, creates a means for hackers to inject hostile code onto systems running vulnerable versions of Yahoo! Messenger.

In order to exploit the bugs, hackers would need to establish a malicious web page in the yahoo.com domain, which might be done by methods such as a cross-site scripting vulnerability or by manipulating DNS resolution, security notification firm Secunia reports (http://secunia.com/advisories/26579).

The vulnerabilities affect versions of Yahoo! Messenger 8.x prior to version 8.1.0.419, released late last week. Users are urged to upgrade.

More background can be found in security advisories from Yahoo! (here (http://messenger.yahoo.com/security_update.php?id=082907)) and iDefense (here (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=591)), the firm that discovered the bug.

Last month security researchers identified an even more serious bug - again involving a dodgy ActiveX control - that meant users were exposed to attack providing they accepted a webcam invite from a hacker. ®

Related stories

Exploit for 'extremely critical' Yahoo Jukebox vuln goes wild (5 February 2008)
http://www.theregister.co.uk/2008/02/05/yahoo_jukebox_vuln/
Stay ahead of Web 2.0 worms (7 January 2008)
http://www.theregister.co.uk/2008/01/07/xss_tactics_strategy/
Rogue ActiveX controls menace users (24 October 2007)
http://www.theregister.co.uk/2007/10/24/activex_vulns/
Yahoo! In! Ninth! Circle! Of! Security! Hell! (20 September 2007)
http://www.theregister.co.uk/2007/09/20/yahoo_0day_menace/
Doomwatchers sound Windows and IE vuln alarm (19 September 2007)
http://www.theregister.co.uk/2007/09/19/new_vulnerability_reports/
Yahoo! hopes Mash will be a monster (18 September 2007)
http://www.theregister.co.uk/2007/09/18/yahoo_mash_social_networking/
Yahoo! swallows! BlueLithium! (5 September 2007)
http://www.theregister.co.uk/2007/09/05/yahoo_acquires_bluelithium/
Yahoo!, Microsoft ink web pact with Chinese government (24 August 2007)
http://www.theregister.co.uk/2007/08/24/yahoo_and_microsoft_ink_chinese_blogging_pact/
Yahoo! Messenger! users! face! attack! by! video! (16 August 2007)
http://www.theregister.co.uk/2007/08/16/yahoo_messenger_vuln/
Yahoo! faces! investigation! over! China! (6 August 2007)
http://www.theregister.co.uk/2007/08/06/yahoo_china_committee_investigation/
Text bug blights Trillian (19 June 2007)
http://www.theregister.co.uk/2007/06/19/trillian_bug/
Yahoo! fixes bug that gave free rein to user accounts (15 June 2007)
http://www.theregister.co.uk/2007/06/15/yahoo_xss_error/
Yahoo! patch squashes messenger bug (8 June 2007)
http://www.theregister.co.uk/2007/06/08/yahoo_bug_squashed/
Skype worm leaps onto MSN (24 May 2007)
http://www.theregister.co.uk/2007/05/24/skype_msn_worm/
Skype IM malware smut surfaces (16 April 2007)
http://www.theregister.co.uk/2007/04/16/skype_malware/