IT Masala

Yahoo has issued a critical security patch for Messenger to address zero-day exploits that take advantage of vulnerabilities in its Webcam ActiveX controls.

Problem :

Messenger users' computers could be at risk if they visit malicious Web sites or view other malicious HTML code. The attackers could then exploit security flaws in the Yahoo Webcam ActiveX control, a software package that is downloaded with Messenger.

So how fast is Yahoo in patching this problem ? 

eEye Digital Security discovered the flaw and reported it to Yahoo earlier this week. eEye gave the problem its highest risk rating; fellow security company Secunia did the same, labeling it "extremely critical." Yahoo issued the patch in an update on Thursday.

Download Security patch:

Yahoo's advisory on the problem states that anyone using a version of Messenger obtained before Friday should download the update.

[ zdnet ] 

Six Apart announced the beta release of Movable Type 4, a much anticipated upgrade to a blog platform that has two distinct user bases - consumer base and Enterprise. Movable Type Open Source, or MTOS, is the open source project that will consist of a GPL-licensed version of Movable Type 4.0, to be released in Q3 2007, and resources for the already large community of Movable Type developers.

Its already late but never too late..to stay in the competition of these blogging platforms, they had to open source it..anyway..better late than never …

The MTOS distribution will be available for download / checkout later this summer at www.movabletype.org

To learn more about the open source project, visit its website http://www.movabletype.org/opensource/.