Yahoo Messenger users are being encouraged to download the latest version of the application to fix a bug in the previous version.
Users who are using a version of Yahoo Messenger downloaded before 2 November have a version that contains a bug in the way it handles an ActiveX control.
The bug may cause a buffer overflow, which occurs when a computer tries to store too muc h information in a temporary cache. According to Yahoo it may result in being logged out of a Chat or Messenger session, or it may crash Internet Explorer, or worst of all, result in a hacker gaining control over the system.
In order for these to occur, the user must be viewing a malicious HTML code, most likely through visiting a rigged website.
Security firm Secunia has labelled the flaw “Highly critical”.
The flaw was discovered by Yahoo itself, rather than by a third-party security vendor.