AOL Instant Messanger Hack Still Not Fixed?
- By Grey McKenzie
- Published 12/6/2007
Grey McKenzie
National Cyber Security Founder
Cyber security watchdog & one of the nation's leading cyber security experts, Grey McKenzie is also the Founder of SpyCop Security Software & Soft Media Publishing Incorporated.
His clients include members of the US Department of Homeland Security, US State Department, US Department of Defense, US Federal Bureau of Investigation, US Central Intelligence Agency, State & Local Law Enforcement not to mention over 50,000 companies & individuals worldwide.
He is regularly consulted by industry leaders regarding cyber security issues.
To schedule a procedural, technical and non-technical network security audit of your company call 902-532-2262
Virginia-based AOL quietly issued a security fix to its AIM instant messaging system this week, after a security researcher demonstrated for Wired News that the company had failed to properly close a September security hole allowing hackers to gain complete control of any PC running the latest version of AIM.
"It could take over 60,000 computers in two days, but I don't want to," says 31-year-old programmer Michael Evanchik, who developed the new attack. "It's a pretty big hole. You don't even have to click anything."
The hack highlights a key difficulty for AOL as it attempts to compete with sites like Facebook and MySpace that feature their own instant messaging systems. AOL has responded by turning its popular AIM client into a multimedia portal, adding extra features that make it easier for hackers to attack the downloadable software.
Full Story