www.IRC-Junkie.org – IRC News

No, not only mIRC has bugs

For the second time, after a similar vulnerability in 2007, the irc:// URI-handler of KVIrc 3.4.0 is vulnerable to exploitation.

For successful exploitation of the security hole the user needs to be tricked to follow a maliciously crafted irc:// link – “Failed exploit attempts may cause denial-of-service conditions.” at least, or might even enable the attacker “to execute arbitrary code with the privileges of the user running the affected application.” - which we all know is Administrator for 95% of all Windows machines.

4 days ago, Khaled Mardam-Bey released a new version of the popular Windows IRC-client mIRC

The website states: This version of mIRC is a small though important update to the previous version and has been released primarily to resolve an important issue with ‘if’ statements being processed incorrectly in the scripting language.

It continues: Although this is a minor update, it includes important changes and is a highly recommended download.

The full list of changes is as follows:

1.Fixed if/while bracket priority bug which affected the parsing of if/while statements.

“This version of mIRC continues to build on recent releases and addresses a number of issues that have been reported by users since the last release. It includes improvements, changes and fixes to a number of features”, the mIRC website reports.

“In particular, a new editbox “automatic” lines option has been added that dynamically changes the size of the editbox in a window to show the whole of your typed message, up to half the size of the window. This allows you to easily see and review a long, multiple-line message while keeping the size of the editbox small when it is not in use.”

Version 6.32 of probably the most popular IRC client have been released yesterday.

“This version of mIRC builds on recent releases by focusing on stability and reliability and addressing the various issues that have been reported by users since the last release. It includes cosmetic changes to the interface, fixes, optimizations, and improvements to the scripting language,” the mIRC website reports.

Some of the major changes include longer nicknames, channel names and messages as well as longer variables in scripting. Other changes include:

* Added support for network-specific window position saving.

Version 2.8.7 released the 20th of last month has been superseded with 2.8.7a Zed announced on the XChat homepage.

This new version is mainly a bugfix release, as the changelog shows.

The XChat Windows release is shareware. Freeware versions are still being released from the otherwise still available opensource code. One such release is from Silverex but is an older release, 2.8.4.