This sounds like a serious vulnerability. The SecurityFix is reporting on a very serious vulnerability in AOL.
The problem affects AOL version 8.0, AOL version 8.0+, and AOL version 9.0 Classic.
The vulnerability could allow a remote attacker to take control of a users PC. Basically, all that would be needed is for the AOL user to visit a specially crafted web page.
All AOL users should upgrade to either AOL 9.0 Optimized, or AOL Security Edition AOL downloads center here.
This is of concern for a number of reasons. First, studies show that AOL has a greater proportion of “new internet users” among their membership. Those “new internet users” may not be comfortable with downloading and installing software updates. Additionally, my concern is that the dialup users will not find it practical to download the update.
Broadband users that also use AOL will find it easier to download and install the update and frankly I think will face a slightly greater risk. (If only from a greater tendency to spend longer amounts of time online and stumbling across malicious sites…)
It’s time for them to start sending out cds again I think….
Related PostsRelated Posts
- Graphviz and dot I've been puzzled a bit by the graphing output of gramps - it leaves me with a file with a .dot extension that I didn't know quite what to do with. It opened in text editors as just markup, no image viewers I used seemed to like it, so I......
- Big Windows June update day Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of......
- Dapper Drake update It looks as though Ubuntu has released the first maintenance release in the Dapper Drake life cycle. So, now 6.06.1 can be downloaded. (In analagous terms this might be considered the first service pack). Many updates have been incorporated into the bootable install cds which should cut the amount of......
- iPhone Jailbreaking: Security Concern or Not? Charlie Miller of Tipb.com stated, “Turns out that if you jailbreak your iPhone you remove most of the Apple’s security protections — 80% to be exact — and are vulnerable to attacks.” That statement seems to resonate across the cell phone app community when discussing the adverse effects of......
- Review of Sprout Builder When Sprout Builder was first released in beta, this drag and drop Flash authoring widget building environment was immediately on fire. Although there was not much wrong with the original Sprout Builder, they have recently released a much more sophisticated version of their flash building services today. The new Software......
- Review of: Brute Force RSS (An RSS Blasting Service) Brute Force SEO has long been a popular solution for businesses and individuals looking to create a more efficient web presence online. Taking things one step further, Brute force RSS, an RSS blasting service, is creating this same type of improved web presence, but this time focusing on corporate blogs......
- Network Security guide for the home or small business network – Part 18 – What about Dialup Users?
- Broadband users watch less tv
- The end for Windows 98 may be a boost to linux?
- Dapper Drake update
- RSS feed to spread the word of software updates