For all of you AIM users. (I'm not one BTW)
Computer security companies are warning users of America Online's Instant Messenger program for Windows that it has a serious security hole that could allow remote attackers to execute malicious code on computers that run the popular instant messaging software.

The security hole was discovered by iDefense of Reston, Virginia, a computer security intelligence company. A flaw in an AIM component called the "goaway" function allows an attacker to cause a buffer overrun on machines running AIM. Attackers could trigger the flaw by feeding a large amount of data to the goaway function, possibly using a URL embedded in an instant message to the user.

All known versions of AIM for Microsoft Windows are affected. If successfully exploited, the AIM away message vulnerability would allow remote attackers to run code with the privileges of the user who launched the AIM application, iDefense says.

Source