Urgent AOL update
This sounds like a serious vulnerability. The SecurityFix is reporting on a very serious vulnerability in AOL.
The problem affects AOL version 8.0, AOL version 8.0+, and AOL version 9.0 Classic.
The vulnerability could allow a remote attacker to take control of a users PC. Basically, all that would be needed is for the AOL user to visit a specially crafted web page.
All AOL users should upgrade to either AOL 9.0 Optimized, or AOL Security Edition AOL downloads center here.
This is of concern for a number of reasons. First, studies show that AOL has a greater proportion of “new internet users” among their membership. Those “new internet users” may not be comfortable with downloading and installing software updates. Additionally, my concern is that the dialup users will not find it practical to download the update.
Broadband users that also use AOL will find it easier to download and install the update and frankly I think will face a slightly greater risk. (If only from a greater tendency to spend longer amounts of time online and stumbling across malicious sites…)
It’s time for them to start sending out cds again I think….