Do I need the Yahoo! Audio Conferencing Security Update?
Attempting Automatic Detection...
You do not need to update because you do not have the Yahoo! Audio Conferencing installed.
You do not need to update because you have the latest version of Yahoo! Audio Conferencing.
You should install the update because your version of Audio Conferencing contains a security vulnerability. Please read the directions below and then click this button:
I'm a
technical user. What is the CLSID and exact version of the control that contains the fix?
The CLSID is
2B323CD9-50E3-11D3-9466-00A0C9700498 and the version is
1,0,0,45.
What is the issue?
There is a security issue, commonly referred to as a buffer overflow, in the Voice Chat feature of Yahoo! Messenger and Yahoo! Chat.
What is the potential impact?
Some common impacts of a buffer overflow might include being involuntarily logged out of a Chat and/or Messenger session, the crash of an application such as Internet Explorer, and in some instances, the introduction of executable code. For this specific issue, these impacts could only be possible if an attacker is successful in prompting someone to view malicious HTML code, most likely executed by getting a person to visit their web page. To our knowledge, there have been no known executable code exploits related to this issue.
