Attackers have begun on exploiting ActiveX flaws that exists on Yahoo’s Jukeubox software just a day after the flaws were disclosed to the public.

The name of the researcher who disclosed the vulnerability is Elazar Broad. He recently revealed flaws in programs which have the ability to upload images to MySpace and Facebook accounts.

Yahoo has no patch for the ActiveX flaws at the moment. Secunia rated the flaws as “extremely critical” which is the highest classification in their rating scale.

The author of the article at The Register notes that users have the option to uninstall the software for the meantime to protect themselves while waiting for a patch.

Source: The Register