AOL Instant Messenger vulnerability won't be fixed until mid-October
Core Security's Aviv Raff reports that AOL's AIM client has a severe vulnerability. A user can send an instant message containing code that will execute on your computer. You don't even have to click a link. As long as you're accepting incoming messages, a hacker could wreak havoc on your system.

In a demonstration, Raff sent ZDNet's Ryan Naraine a message that caused his Windows calculator to open. AOL is working on a patch, and recommends users upgrade to the latest beta version of AIM. But Raff says that so far each patch that has been issued has been easily circumvented.
AOL says a full solution will be available by mid-October. In the meantime, we recommend rejecting messages from any unknown source and hoping that your buddies aren't running infected PCs. And if you want to be extra careful, you can access your buddy list using an alternative program like Meebo, Pidgin, or Trillian.

Comments (3)

don, Sep 27th 2007 7:31PM
I'm still using AIM version 5.5.3598. Am I affected?
robotrock, Sep 27th 2007 9:25PM
I assume all their devs are laid off :P
David E, Sep 27th 2007 9:26PM
No, it's been patched. Don't ask how I know, but the patch just hasn't been documented. Don't worry, you have nothing to worry about, lol