Trillian critical security update released

By Dawn Kawamoto
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Trillian critical security update released

Related Stories: Trillian IM flaw exposed
March 25, 2005; RIM to bring AOL, Yahoo IMs to BlackBerry
March 14, 2005

Cerulean Studios on Monday released a "highly critical" security update for its Trillian multi-protocol chat software.

Attackers could exploit vulnerabilities in the character encoding for Trillian 3.1.5.1--specifically, the word-wrapping handling of UTF-8, the Unicode Transformation Format used for encoding characters in e-mail, instant messages and Web pages, iDefense Labs warned in its security advisory. The vulnerabilities potentially could affect earlier versions of the Trillian software as well, iDefense said.

Trillian, which supports Yahoo's Instant Messenger, AOL's AIM, MSN Messenger, and Internet-relay chat and ICQ ("I seek you") instant-messaging protocols, could be exploited if users view a malicious message containing an unusually long UTF-8 string. Attackers could then potentially launch a buffer overflow and remotely gain control of a user's system, according to Secunia, which rates the security flaws as "highly critical."

Cerulean Studios has released an update, version 3.1.6.0, to Trillian. iDefense noted that while it identified the MSN protocol as a potential attack vector for the vulnerabilities, other supported protocols may be vulnerable.

See more CNET content tagged:
Trillian, Cerulean Studios, iDefense, security update, vulnerability

Add a Comment (Log in or register) 5 comments

Geeze...
by jelloburn June 19, 2007 10:06 AM PDT: I'm so tired of c|net hating on Trillian. Every time something bad
happens to Trillian, they jump all over it and point out it's flaws!

It's almost like their bias against Windows Vista AND Mac OS X...

I hope somebody found the sarcasm in this post.; Reply to this comment View all 3 replies
Processing

Nice begening
by lyr32 June 24, 2007 2:49 AM PDT: Nice begening: "Cerulean Studios on Monday released a "highly critical" security update for its Trillian multi-protocol chat software.
"

Nicso - http://www.lyricsrec.com/lyrics/billy-joel/index.php
http://www.lyricsrec.com/lyrics/brandy/index.php; Reply to this comment

Latest tech news headlines

President signs broadband data collection bill
Posted in News - Politics and Law by Stephanie Condon

October 10, 2008 3:59 PM PDT
Microsoft to announce Silverlight 2.0 on Monday
Posted in Beyond Binary by Ina Fried

October 10, 2008 3:43 PM PDT
Fallout takes hold: Seesmic publicly lays off 7
Posted in Webware by Rafe Needleman

October 10, 2008 2:56 PM PDT
See all headlines

Resource center from News.com sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
Week in review: Tech stocks tumble
Of course it wasn't just technology stocks that took a dive this week, but industry leaders are doing some serious worrying about what lies ahead.
Gallery
Photos: Cracking open Apple's revamped iPod Nano
News - Apple
Apple, eBay stocks rise as Dow goes on wild ride
Two notable technology stocks swam against the tide Friday, with shares rising in the positive territory for most of the day.
Beyond Binary
Microsoft to announce Silverlight 2.0 on Monday
The software maker plans to announce the completion of Silverlight 2.0 on Monday, according to a source familiar with the matter.
Video
Sprint launches Xohm WiMax
News - Digital Media
YouTube beams up 'Star Trek' for long-form video
YouTube gets Beverly Hills 90210, MacGyver, and Star Trek in a test of longer-form video that's theatrically presented and interrupted by ads.
Video
Talking with Newt Gingrich on tech, bailout
News - Politics and Law
President signs broadband data collection bill
The Broadband Data Act encourages wider collection of information regarding nationwide access to broadband.
News - Cutting Edge
Academics sink teeth into Yahoo search service
Yahoo hopes its Build Your Own Search Service program has piqued the interest of academic researchers. Next stop: start-ups.
Gallery
Photos: Messenger returns to Mercury
Crave
Ubiquitous Netbooks, a cheap Acer, and WiMax cometh: The week in laptops
Netbooks are everywhere (still), this time from Asus and MSI. Also, more cheap laptops and Best Buy's Blue Label. It's the week in laptops!
Green Tech
Urban wind power inspired by ancient Persia
The shape of urban wind power continues to morph. The latest twist come from Windation, a company with a design inspired by centuries-old "wind catchers."