AOL has patched <A HREF="http://www.infoworld.com/article/07/10/15/Security-issue-dogs-new-AIM-release_1.html?source=rss&url=http://www.infoworld.com/article/07/10/15/Security-issue-dogs-new-AIM-release_1.html">a serious flaw in its instant-messaging software</A>, but more troubles may lie ahead, according to a security researcher familiar with the issue.
The flaw affects how the AIM software uses Internet Explorer's software to render HTML messages. By sending a maliciously encoded HTML message to an AIM user, an attacker could run unauthorized software on a victim's computer or force the IE browser to visit a maliciously encoded Web page.
Although AOL says it knows of no attacks that exploit this problem, security experts like Aviv Raff had warned that the flaw could possibly be used in a self-replicating computer worm attack.