This sounds like a serious vulnerability. The SecurityFix is reporting on a very serious vulnerability in AOL.
The problem affects AOL version 8.0, AOL version 8.0+, and AOL version 9.0 Classic.
The vulnerability could allow a remote attacker to take control of a users PC. Basically, all that would be needed is for the AOL user to visit a specially crafted web page.
All AOL users should upgrade to either AOL 9.0 Optimized, or AOL Security Edition AOL downloads center here.
This is of concern for a number of reasons. First, studies show that AOL has a greater proportion of “new internet users” among their membership. Those “new internet users” may not be comfortable with downloading and installing software updates. Additionally, my concern is that the dialup users will not find it practical to download the update.
Broadband users that also use AOL will find it easier to download and install the update and frankly I think will face a slightly greater risk. (If only from a greater tendency to spend longer amounts of time online and stumbling across malicious sites…)
It’s time for them to start sending out cds again I think….
Related PostsRelated Posts
- Exploits a plenty - IE / Excel (Firefox?) There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it......
- So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
- Big Windows June update day Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of......
- How To Remove Vista Internet Security 2011 Virus You may be the latest victim of Vista Internet Security 2011. This name-changing virus has the different version, but no matter what version you have, the issues are the equivalent. The cyberpunks who formulated this virus were quite professional to make the program dynamically change its name according to windows......
- iPhone Jailbreaking: Security Concern or Not? Charlie Miller of Tipb.com stated, “Turns out that if you jailbreak your iPhone you remove most of the Apple’s security protections — 80% to be exact — and are vulnerable to attacks.” That statement seems to resonate across the cell phone app community when discussing the adverse effects of......
- WordPress 2.9.2 Released The new update of WordPress fixes a security vulnerability that was previously reported by Thomas Mackenzie on his personal blog. The vulnerability affects all Wordpress installations with the version number 2.9.0 or later. Previous Wordpress installations are not affected by the vulnerability (but are insecure because of other reasons). Thomas......
- Network Security guide for the home or small business network – Part 18 – What about Dialup Users?
- Broadband users watch less tv
- The end for Windows 98 may be a boost to linux?
- Dapper Drake update
- RSS feed to spread the word of software updates