AOL users beware: security holes in AOL software

An Ad

Integrate business news on your website free of charge and offer your visitors up-to-date content! Click here for more information.

The French Security Incident Response Team (FrSIRT) has identified a vulnerability in the AOL software and in AOL You've Got Pictures, which could be exploited by remote attackers to execute arbitrary commands. A specifically crafted website may be used by attackers to execute malicious software.

AOL versions 8.0, 8.0+, and 9.0 Classic are reported to be affected but FrSIRT notes that the vulnerable control was also distributed via the "You've Got Pictures" web site prior to 2004. Thus older versions may be exposed as well.

As heise.de reports users of the German edition of AOL do not have to worry. According to a statement by AOL Germany, version 9.0 German as well as the German edition of FotoCenter are affected.

The FrSIRT recommends to upgrade to AOL 9.0 Optimized or AOL 9.0 Security Edition (http://downloads.channel.aol.com/) or to download and apply the hotfix available at http://download.newaol.com/security/YGPClean.exe

Sources: heise.de, FrSIRT