AIM Hole Invites Attacks

[moxnix]

For all of you AIM users. (I'm not one BTW)

Computer security companies are warning users of America Online's Instant Messenger program for Windows that it has a serious security hole that could allow remote attackers to execute malicious code on computers that run the popular instant messaging software.

The security hole was discovered by iDefense of Reston, Virginia, a computer security intelligence company. A flaw in an AIM component called the "goaway" function allows an attacker to cause a buffer overrun on machines running AIM. Attackers could trigger the flaw by feeding a large amount of data to the goaway function, possibly using a URL embedded in an instant message to the user.

All known versions of AIM for Microsoft Windows are affected. If successfully exploited, the AIM away message vulnerability would allow remote attackers to run code with the privileges of the user who launched the AIM application, iDefense says.

Source

[pooh sun tzu]

Hey.. SodaP discovered this already.

http://www.enterpriseitplanet.com/se...le.php/3392691

[Soda_Popinsky]

To set the record straight, Matt Murphy officially found it 8 days before I did, and reported it to idefense. While idefense and AOL were working toward a patch, I discovered the same vulnerability and others. I attempted to contact AOL, over a week later, I contacted secunia. Over a week from there, no response from AOL to me or Secunia was made. Secunia published my advisory first, and idefense in turn publicized the vulnerability as Secunia made mine public.

While I am not comfortable with disclosing the specifics, you can defend yourself by simply switching clients, (gaim, trillian), or following the instructions here-
http://www.idefense.com/application/...ulnerabilities

Do not click links in AIM until a patch comes out.