Home > Computers and Internet, Security > Yahoo Plugs Critical Security Hole in Web Mail Service

Yahoo Plugs Critical Security Hole in Web Mail Service

by Shivaranjan on August 17, 2006

ADVERTISEMENTS

Yahoo Inc. said that it has fixed a critical security hole in its webmail service which could have allowed hackers to hijack users accounts. All the Yahoo mail users need not worry as they have to do nothing from their side.

We have developed a fix for this bug and have deployed it worldwide. Yahoo Mail users will not be required to take any action to be protected from this exploit,” said Kelley Podboy, a Yahoo spokeswoman, via e-mail.

The problem was Yahoo Mail’s handling of attachments. By creating an HTML attachment with different encoding schemes, one could have bypassed Yahoo Mail’s security filter and executed malicious JavaScript code, Bachar said via e-mail.

The problem was Yahoo Mail’s handling of attachments. By creating an HTML attachment with different encoding schemes, one could have bypassed Yahoo Mail’s security filter and executed malicious JavaScript code, Bachar said via e-mail.

It was also possible to steal the recipient’s Yahoo Mail cookie, hijack the session and gain access to the person’s in-box. “This attack vector could be used to launch a variety of other more sophisticated attacks,” Bachar wrote. These could include unleashing worms, installing keylogger programs, phishing, and scanning ports on the PC.

Via PCWorld

Did you enjoy this article? Please subscribe to RSS Feed to receive all the updates!

Related Posts:

  • No related posts found

{ 1 comment… read it below or add one }

Margarito October 11, 2014 at 11:07 am

This informative article discusses the 5linx compensation plan and if it’s definitely easy for
someone to generate a good sized income if you be a part of this business opportunity.
He believes that you can bring in the traffic you need to your website without having to contact a single person online.
The MLM company also deal with Broadband web and satellite television.

Leave a Comment

Previous post:

Next post: