"Oversized values passed to the "goaway" function of AIM's "aim:" URI handler may be used to overwrite the pointer to the Structured Exception Handler, which could then be used to execute code written by the attacker."
Apparently, the attack would manifest itself as a link in the instant messaging window, which when clicked would open the user up to the possibility of attack.
Better patch it before some anorak wearing, 30 stone guy who lives in his Mom's basement starts using this exploit to annoy us all.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.