Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Security Flaw Found in AOL Instant Messenger
AOL has already fixed vulnerability that could have allowed attackers to run code on user's PC.
Sam Costello, IDG News Service
A new security vulnerability in America Online's Instant Messenger program could allow an attacker to run a program on a user's computer.
AOL has fixed the vulnerability on its servers, however, so users need take no action to be protected, says Andrew Weinstein, a spokesperson for AOL.
The vulnerability came about as the result of a buffer overflow in the "add external application" component in AIM which allows users to share programs, says Weinstein.
AOL was notified of the bug about 10 days ago and fixed the flaw soon thereafter by making changes to its servers, Weinstein says. The company has had no reports of users being affected by the vulnerability, he says.
Similar Story
In early January the company was alerted to a similar vulnerability in AIM by the security group w00w00. That vulnerability, which is "reasonably similar" to Monday's issue, according to Weinstein, allowed a malicious user to send attack code via AIM's shared game feature. AOL also fixed that problem on its servers.
Despite the similarity in the two vulnerabilities, Weinstein downplays the idea that there are more far-reaching issues in AIM.
"There is a very limited range of potential similar areas of vulnerability," he says.
Laptop Showcase
The Best of PC World
- Great year-end deals
for small business! -
Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!
-
HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!
- *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.
People who read this also read:
Best Prices on Security Software
Norton Internet Security 2010 - 3 UsersPrice: $26.30
Norton Internet Security 2010 - 3 UserPrice: $26.30
Internet Security 2010Price: $31.89
Norton 360 Version 3.0 - 3 LicensesPrice: $39.99
Total Protection 2010 - 3 UserPrice: $26.97
Norton 360 Version 3Price: $41.10
-
Perfect Printing Solutions Find just the right All-in-One Printer for you from HP. Visit the HP Resource Center.
-
Acer Laptop Center Forget the Mouse...check out the next generation multi-gesture touch screen technology from Acer.
-
Dell Shopping Center Check out great deals from Dell!
