A number of critical bugs have been discovered in Yahoo Messenger that could potentially allow hackers to take control of a user's PC or even a company network.
The flaws, which were found by eEye Digital Security, allow remote execution of arbitrary code with only minimal user interaction when Yahoo Instant Messenger v8.0 software is loaded.
Commenting on the story, Phil Higgins, a senior partner with Brookcourt Solutions, the value-added systems integrator, said that Instant Messaging (IM) poses a serious security problem for any business PC user.
The problem with IM is that it punches holes through IP network security. IM may be useful for home PC users, but from a business perspective, it is anathema to IT security, he said.
We advise our clients, who include major retail banks and enterprises, to use alternatives to IM for this reason. Firms can often use Internet telephony technology, which includes a chat facility, or good old email, which has the advantage that an audit log is created for the transmissions, he added.
According to Higgins, as more and more companies embrace corporate governance and compliance issues, as required under the Companies Act 2006, the provisions of which are progressively becoming law, audit logs will be required for all business electronic communications.
Creating audit logs for IM are an expensive and unnecessary cost. With so many other electronic communication options available, using IM in a business environment really is an IT, financial and legal headache, he explained.
For more on the Yahoo Messenger flaws click here
Serious flaws discovered in Yahoo Messenger
A number of critical bugs have been discovered in Yahoo Messenger that could potentially allow hackers to take control of a user's PC or even a company network
