The Computer Emergency Response Team (Cert) yesterday released a warning about serious vulnerabilities in AOL Time Warner's ICQ chat tool.
The remotely exploitable buffer overflow affects AOL's Mirabilis ICQ versions 2001A and earlier.
Cert warned that attackers able to exploit the vulnerability may be able to execute arbitrary code on the target machine with the privileges of the victim.
Although Cert said that an exploit is known to exist, it stressed that it does "not believe it has been distributed in the wild". The organisation added: "We have not seen active scanning for this vulnerability, nor have we received any reports of this vulnerability being exploited."
According to figures from AOL, ICQ is used by around 122 million people.
The buffer overflow vulnerability can be exploited during the processing of a Voice Video & Games feature request message. This message is supposed to be a request from another ICQ user inviting the victim to participate interactively with a third-party application.
All versions prior to the latest build of 2001B are vulnerable, said the advisory. Version 2001B itself is vulnerable via a plug-in, but this problem will be resolved next time the user connects to an ICQ server.
AOL is recommending all users of vulnerable versions of ICQ to upgrade to 2001B Beta v5.18 Build #3659 immediately.
Alternative protection measures include blocking ICQ/SMS requests at the firewall as well as connections to login.icq.com and access to ports 4000/UDP, 5190/TCP and the TCP port that your ICQ client listens on, or blocking mistrusted messages by denying direct connections from anyone without authorisation.
Earlier this month AOL was forced to warn users over a serious flaw in its Instant Messenger software.
The Cert advisory can be found here.
Could be used for everything from search-and-rescue robots to wearable tech
Don't require the rare material being mined from the mountains of South America
IBM hopes that its new tool will avoid bias in artificial intelligence
Found by calculating the strength of the material deep inside the crust of neutron stars