AOL has moved quickly to patch a severe security flaw in its AOL Instant Messenger (AIM) client - which also ships with Netscape Communicator.
Security firm @stake said the flaw could have allowed hackers, through malicious HTML email or a malicious website, to run code on users' machines if they had installed AIM, regardless of whether they were running it or not.
The weakness, a HTTP buffer overflow vulnerability, was described by @stake as "real easy to exploit".
Many corporate networks are understood to be included in the estimated 64 million users of the client. @stake warned that the bug may bypass corporate firewalls, because it is client initiated and most firewalls don't guard against this type of attack.
AOL has posted a patched version of the IM client at http://www.aol.com/aim/home.html, but eyebrows are likely to be raised at the apparent lack of publicity for the fix. However, AOL said it has received no reports of the flaw being exploited.
@stake warned that people are vulnerable unless they upgrade. A description of what users should do if they cannot easily upgrade can be found on @stake's website.
We sacrificed our weekend to try out the new Vikendi map coming to PUBG - and rather liked it
12 of the 32 stars observed feature rings and gaps that are usually carved by planets in the process of formation
The experiment is currently underway at South Korea's Yangyang Underground Laboratory
Exoplanet HAT-P-11b is located about 124 light years from Earth