AOL bungs buddy-list security hole
Now that's what we call service
Barely more than a day after an exploit concerning the Windows versions of AOL's Instant Messenger (AIM) was circulated, AOL says it's managed to fix its network. Users are now safe, and need not lift a finger with downloads or patches, the company says.
The hole made it possible to exploit the way AIM processes games requests, using a buffer overrun attack to take control of a victim's Windows box. It was discovered by security research group w00w00, which developed a harmless working exploit, which in turn inspired AOL to take action immediately. ®