In association with heise online

14 September 2006, 12:34

Security update for AOL software

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Version 9 and earlier versions of AOL's access software contain security holes related to the processing of images in AOL's proprietary art graphics format. Attackers can manipulate art images to smuggle malicious code onto affected machines. The graphics need not bear the .art file ending; as long as <img> tags are properly in place, the browser will seek out the appropriate processing routine on its own.

The error also affects Internet Explorer. Microsoft already closed the hole on this year's June's Patch Tuesday. AOL is now following suit and providing updates for the version 9 series of access software. This should automatically download and install itself when users log on to the service. Users of older AOL access software are recommended to make the switch to version 9.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit