AOL patches hole in Instant Messenger

America Online has patched a buffer overflow vulnerability in its AOL Instant Messenger (AIM) software.

America Online has patched a buffer overflow vulnerability in its AOL Instant Messenger (AIM) software.

A spokesman said the company was not aware of any users which were affected by the vulnerability and added that users did not need to download anything to secure their service.

Matt Conover, a founding member of the online security research group w00w00 Security Development, first publicised the security hole.

Conover said a feature of AIM Version 4.7 allows hackers to break into the victim's system and execute code through a buffer overflow. However, he explained the exploit could only be performed by online gamers inviting others to participate in games and added it was "fairly difficult to exploit".

If successful a malicious hacker could potentially launch a worm, similar to those that have penetrated Microsoft Outlook and Internet Information Server products.

Read more on Operating systems software

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close