- Recommend:
- 0 Comments
Security Flaw Found in AOL Instant Messenger
AOL has already fixed vulnerability that could have allowed attackers to run code on user's PC.
A new security vulnerability in America Online's Instant Messenger program could allow an attacker to run a program on a user's computer.
AOL has fixed the vulnerability on its servers, however, so users need take no action to be protected, says Andrew Weinstein, a spokesperson for AOL.
The vulnerability came about as the result of a buffer overflow in the "add external application" component in AIM which allows users to share programs, says Weinstein.
AOL was notified of the bug about 10 days ago and fixed the flaw soon thereafter by making changes to its servers, Weinstein says. The company has had no reports of users being affected by the vulnerability, he says.
Similar Story
In early January the company was alerted to a similar vulnerability in AIM by the security group w00w00. That vulnerability, which is "reasonably similar" to Monday's issue, according to Weinstein, allowed a malicious user to send attack code via AIM's shared game feature. AOL also fixed that problem on its servers.
Despite the similarity in the two vulnerabilities, Weinstein downplays the idea that there are more far-reaching issues in AIM.
"There is a very limited range of potential similar areas of vulnerability," he says.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
-
Windows Phone 7.5 SMS Vulnerability Can Disable Messaging
-
Hacker, 10, Exposes iOS and Android Games Exploit
-
HTC Investigates Reports of 'Massive' Vulnerability in Its Android Phones
-
Email, Personal Information on PlayBook Left Vulnerable to Hackers
-
Bugs and Fixes: Adobe gives Users Privacy Controls; Skype Patches Extremely Dangerous Vulnerability
-
Yahoo Messenger Flaw Enables Spamming Through Other People's Status Messages
-
Google Wallet Flaw Allows Digital Pickpocket
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
-
Cybersecurity Act Gives Feds Power to Protect Infrastructure
-
Shylock Malware Returns, Refreshed
-
Google and Apple Make Mobile Privacy an Oxymoron
-
Liberties Groups Rap Google's Skirting of Safari's Privacy Protections
-
Twitter Enables HTTPS by Default
-
Google's Safari Tracking Debacle: Reality Check
-
The 15 Worst Data Security Breaches of the 21st Century
-
Android Dodges Apple iOS Address Book Debacle: But not by Much
-
Hacker Suspected in Pentagon, NASA Breaches is Arrested
-
Adobe Confirms New Zero-day Flash Bug
-
How to Become an Ethical Hacker
-
Apple: Apps That Take Your Contact Info Are in Violation, Fix Coming Soon
Ad Choices