Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Suggested AIM Fix Features Security Flaw
Program offered by security group could leave systems vulnerable to hackers.
Joris Evers, IDG News Service
Software recommended by security group w00w00 to plug a hole in America Online's Instant Messenger opens the user's system to hacker attacks and can direct the user's Web browser to pornographic Web sites, w00w00 says.
The security group was the first to publicize the hole in AIM last week, prompting AOL to take action and correct the problem on the server side within a few days.
In its initial warning, w00w00 advised users to download and install a third-party program called AIM Filter for immediate protection, but this software comes with its own security problems, a member of the w00w00 team writes in a posting to the Bugtraq mailing list late Tuesday.
"At the time, Robbie Saunders' AIM Filter seemed like a nice temporary solution. Unfortunately, it instead produces cash-paid click-throughs over time intervals and contains back door code," Jordan Ritter writes. The click-throughs in question direct the user's Web browser to advertisements using Saunders' referral code, generating commission payments for him.
Cleaned Up
W00w00 now offers a cleaned up version of AIM Filter without these security holes, Ritter writes. The problems with the software, designed to block certain AIM functions, were only discovered on January 5 when Saunders released the source code for his filter, Ritter says in the Bugtraq posting, apologizing for the error.
AIM Filter creator Saunders says in a statement on his Web site that AIM Filter allows him to remotely obtain a user's Internet Protocol address and AIM build number. It also allows him to shut down AIM Filter on a user's system and open five "embarrassing Web sites," the statement says. The porn Web sites only pop up when AIM Filter is launched, not at time intervals, he states.
It is unknown how many people installed AIM Filter. One AIM user in a news group asks w00w00 for more detailed instructions on how to remove AIM Filter.
A buffer overflow vulnerability existed in the shared game feature of AOL's Instant Messenger, AOL said on January 2. Attackers could access a users system by exploiting the vulnerability, according to w00w00.
Perfect Print Solutions
Save on Printing Costs
- Great year-end deals
for small business! -
Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!
-
HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!
- *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.
Dell End of Year Deals
-
Ring in the New Year with Huge Deals on Dell Computers Up to 30% Popular Dell Laptops, up to 25% off Popular Dell Desktops. Sales ends 12/31 5AM EST.
People who read this also read:
Best Prices on Security Software
Norton Internet Security 2010 - 3 UsersPrice: $26.30
Norton Internet Security 2010 - 3 UserPrice: $26.30
Internet Security 2010Price: $31.89
Norton 360 Version 3.0 - 3 LicensesPrice: $39.99
Norton 360Price: $25.00
Total Protection 2010 - 3 UserPrice: $26.97
- 15 Minutes to a Secure Business Get the Secure in 15 toolkit starting with the "15 Minutes Month-at-a-Glance" calendar. McAfee will send you additional tools and tricks to stay protected around the clock.
- A Buyer's Guide to Data Protection Implementing data protection products and processes can be daunting. Make the right decisions by exploring what is available and what makes sense for your organization. Use this simple guide to evaluate different vendor offerings.
