Yahoo has released an update for its Instant Messenger software shortly after researchers posted code that exploits flaws in the application.
The 'critical' vulnerabilities in the ActiveX component that controls webcams could allow an attacker to take control of a system by luring users to a specially crafted website or email message.
Researchers took less than 24 hours to create the exploit code after eEye published its advisory. The exploit has since been widely distributed through well known security sources including the Full Disclosure security mailing list.
Yahoo has urged users of the "All New Yahoo Messenger" to update to the latest version of the software. The application will prompt users of the available update when they sign-on.
Mobile payment app makes users' details public by default
2,400 signatures gathered against the development and production of lethal robots
New Aston Martin flying car could take the wealthy from London to Birmingham in half an hour
With £6.7m in initial funding, Mosa Meat could be the first company to offer lab-grown meat to the public