Yahoo Inc. has fixed a flaw in its Web-based e-mail service that exposed Yahoo Mail users to serious attacks, including potential interception of personal data, security company Finjan Software Inc. said Wednesday. Yahoo's mail service contained a so-called malicious script execution flaw, according to Finjan. An attacker could send an e-mail containing malicious script and that code would automatically run once the user opened the message, the company said. If successful, an attacker could delete files on a victim's computer, steal personal information such as usernames and passwords, credit card numbers and any other information a user inputs on his computer, according to Finjan. "The potential was huge, you basically could infect millions of Yahoo users within an hour," said Shlomo Touboul, Finjan's chief executive officer. When the malicious script runs, the attacker gains full control of a user's machine, he said.
The script code can be written in various programming languages, including Java, JavaScript, VB Script, Active X and HTML (Hypertext Markup Language), according to Finjan. Yahoo has now taken steps to block most of the scripts in its e-mail service, Touboul said. Yahoo spokeswoman Mary Osako said the company takes security very seriously and employs rigorous and aggressive measures to help protect users. "Yahoo was informed of an issue in Yahoo Mail on Nov. 11 and quickly implemented a server-side fix which did not require users to take any action. We are unaware of any users who were affected by the issue which no longer affects Yahoo Mail," she said in a statement sent via e-mail.
News source: InfoWorld
The script code can be written in various programming languages, including Java, JavaScript, VB Script, Active X and HTML (Hypertext Markup Language), according to Finjan. Yahoo has now taken steps to block most of the scripts in its e-mail service, Touboul said. Yahoo spokeswoman Mary Osako said the company takes security very seriously and employs rigorous and aggressive measures to help protect users. "Yahoo was informed of an issue in Yahoo Mail on Nov. 11 and quickly implemented a server-side fix which did not require users to take any action. We are unaware of any users who were affected by the issue which no longer affects Yahoo Mail," she said in a statement sent via e-mail.
News source: InfoWorld
- The main features of 7-Zip:
- Highest compression ratio in new 7z format
- 7-Zip is free software distributed under the GNU LGPL
- Supported formats: 7z, ZIP, CAB, RAR, ARJ, GZIP, BZIP2, TAR, CPIO, RPM and DEB
- For ZIP and GZIP formats 7-Zip provides compression ratio that is 2-10 % better than ratio provided by PKZip and WinZip
- Self-extracting capability for 7z format
- Integration with Windows Shell
- Powerful File Manager
- Powerful command line version
- Plugin for FAR Manager
- Localizations for 41 languages
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.