AOL Instant Messenger faces security issues

By on September 26, 2007, 1:04 PM
Core Security Technologies has announced the discovery of a new vulnerability affecting AOL Instant Messenger, on systems where Internet Explorer 7 is also installed. Researchers warn that by exploiting the vulnerability to AOL's AIM, an attacker could remotely execute code on a user's computer and exploit Internet Explorer bugs without user interaction.

The flaw reportedly affects versions 6.1 and 6.2 beta, AIM Pro and AIM Lite. Core Security Technologies also said that the same kind of flaw could be found in other applications that have IE embedding, but Yahoo Messenger and MSN Messenger are not at risk.

Although AOL claims to have resolved all off the issues presented by Core Security within all past, current and future versions of AIM, CST’s chief technology officer Ivan Arce says the vulnerability can still be manipulated. Core recommends that users download and install a non-vulnerable version of AIM such as AIM 5.9 or use AOL's web-based AIM Express service until AOL has fixed the problem.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.