Serious Security Hole In AOL's ICQ Chat Software - CERT
Source: NewsBytes
A security hole in America Online's [NYSE: AOL] popular Internet chat software could allow remote attackers to execute malicious programs on the users' computer, a government-funded security watchdog warned today.
The vulnerability lies in a feature of AOL's ICQ Internet chat program for Windows that allows ICQ users to invite others to join them in playing online games, according to the Computer Emergency Response Team (CERT), a federally funded computer security clearinghouse at Pittsburgh's Carnegie Mellon University.
According to AOL, approximately 122 million people use ICQ (short for "I Seek You").
The announcement comes less than three weeks after an independent security development group found a strikingly similar flaw in another AOL chat program - AOL Instant Messenger (AIM). AOL remedied the problem with AIM in part by creating filters on the AIM servers to prevent attacks using the hole.