AOL has moved quickly to patch a severe security flaw in its AOL Instant Messenger (AIM) client - which also ships with Netscape Communicator.
Security firm @stake said the flaw could have allowed hackers, through malicious HTML email or a malicious website, to run code on users' machines if they had installed AIM, regardless of whether they were running it or not.
The weakness, a HTTP buffer overflow vulnerability, was described by @stake as "real easy to exploit".
Many corporate networks are understood to be included in the estimated 64 million users of the client. @stake warned that the bug may bypass corporate firewalls, because it is client initiated and most firewalls don't guard against this type of attack.
AOL has posted a patched version of the IM client at http://www.aol.com/aim/home.html, but eyebrows are likely to be raised at the apparent lack of publicity for the fix. However, AOL said it has received no reports of the flaw being exploited.
@stake warned that people are vulnerable unless they upgrade. A description of what users should do if they cannot easily upgrade can be found on @stake's website.
Scientists believe there could be other hydrides or superhydrides with super conducting properties
Resetting the telemetry circuits and associated boards brought the instrument back to operations mode
Fortnite news and updates: Flaw in Fortnite authentication could have helped attackers steal player login credentials
Attackers could have used Fortnite security flaw to buy in-game currency on players' stored credit cards
New photos show cotton seeds sprouting in sealed container - with other plants expected to sprout within days