Little over one month after the last release of the popular IRC-client, a new version becomes public.
According to the website the update is due to a security flaw concerning “very long nicknames on non-standard servers” and it is therefore a recommended upgrade for everyone.
Also, it seems the exploit code for the mentioned vulnerability is already in the wild so it’s advised to update in a timely manner or deploy the following workaround if an upgrade is not possible:
on ^*:OPEN:?:*:if ($len($nick) > 298) halt
The above snippet should be added to ones mIRC’s remotes and shall then prevent the hole from being exploited.
Thanks to slakker for the tip & links!