Hot on HuffPost Tech:

See More Stories
Free Switched iPhone app - try it now!
AOL Tech

AOL Instant Messenger vulnerability won't be fixed until mid-October

AIM vulnerabilityCore Security's Aviv Raff reports that AOL's AIM client has a severe vulnerability. A user can send code in an instant message that will execute code on your computer. You don't even have a click a link. As long as you're accepting incoming messages, a hacker could wreak havoc on your system.

In a demonstration, Raff sent ZDNet's Ryan Naraine a message that cause his Windows calculator to open. AOL is working on a patch, and recommends users upgrade to the latest beta version of AIM. But Raff says that so far each patch that has been issued has been easily circumvented.

AOL says a full solution will be available by mid-October. In the meantime, we recommend rejecting messages from any unknown source and hoping that your buddies aren't running infected PCs. And if you want to be extra careful, you can access your buddy list using an alternative program like Meebo, Pidgin, or Trillian.



Tags: AIM, calclulator, instant-messenger, malicios-code, vulnerability

Comments

3