Yahoo has posted a security patch for a flaw in its instant-messaging software that could make a computer system vulnerable to crashes and attacks while a user surfs the Web.

The patch, which was posted on the company’s site Thursday, plugs a hole in Yahoo’s use of portable network graphics, a bitmapped graphics file format endorsed by the Internet-standards body World Wide Web Consortium.

Yahoo learned of the problem through a notice issued last week by the U.S. Computer Emergency Readiness Team. The flaw enables portable network graphics to execute malicious code when an image is loaded into the system.

Source:http://www.informationweek.com/story/showArticle.jhtml?articleID=29100205&tid=5979