The company gave the bugs its highest security threat rating. "If you're running this, your system could be compromised," said Maiffret. "It allows for remote [code] execution."
"We recently learned of a buffer overflow security issue in an ActiveX control," a Yahoo spokeswoman said in an e-mail to InformationWeek. "This control is part of the code for Web cam image upload and viewing. Upon learning of this issue, we began working towards a resolution and expect to have a fix shortly."
Maiffret was careful not to give out too much information about the flaw until Yahoo can issue a patch for it. However, he would say that for the vulnerability to cause a problem, the user would have take some kind of action.
"This type of flaw is not going to be prevented by antivirus," he added. "There's no real protection for this type of flaw."
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.