The Channel logo


By | John Leyden 23rd May 2008 10:42

Trillian blighted by security bug trio

Parse the sick bag

The discovery of a trio of security bugs means that users of the popular Trillian instant messaging client need to update their software.

All three of the newly discovered bugs create a means for hackers to inject malware onto the PCs of surfers running vulnerable versions of the multi-protocol chat application from Cerulean Studios. The vulnerabilities involve flaws in how Trillian parses MSN protocol traffic, an error within XML parsing, and a third flaw involving the processing of messages with long (malformed) attribute values within the FONT tag can be exploited.

Users need to update to Trillian version, as described in an advisory by security notification firm Secunia here. ®

comment icon Read 12 comments on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe