|
|
An international team of nonprofit researchers known as "w00w00"recently
reported a serious security hole in AOL's popular Instant Messenger program
(AIM), which is used by millions of users worldwide to communicate via short,
real-time messages. The problem--which is exclusive to Windows systems--affected
AIM's newest versions, as well as many earlier iterations of the program.
The vulnerability allowed hackers to send a stream of junk messages to the
program, overwhelming the software and completely hijacking the victim's computer.
Once compromised, the machine could be subject to any mischief a hacker devised,
including deleting files and spreading computer viruses.
AOL took immediate steps to fix the problem before users were affected. However,
serious security loopholes like this one are being discovered every day in popular
commercial software products used by hundreds of millions of people, and they
have the potential to create widespread damage.
We strongly recommend you avoid installing network applications not included
on the Duckware CD-ROM, which is distributed at no charge each year to UO faculty,
staff, and students. If you do choose to install other applications, be extremely
discriminating and stay up-to-date on vendor fixes and antiviral software.
For a complete description of AIM's security problem, see the w00w00 information
page at http://www.w00w00.org/advisories/aim.html
If you do not yet have your copy of Duckware, go to Microcomputer Services (151
McKenzie Hall) or the Documents Room library (175 McKenzie) and request one.