America Online (AOL) has recently patched a relatively serious vulnerability in its client software that previously allowed hackers to run unauthorized programs on users’ computers.
According to AOL, the vulnerability is related to the ActiveX control in AOL’s YGP image search tool. This flaw could be exploited by hackers to gain control over the victim’s computer system by tricking users into visiting a specially crafted website. Some affected versions include AOL 8.0, 8.0+, and 9.0 Classic.
Although the vulnerability was disclosed on January 16, security researchers had identified and reported it to AOL several months prior. However, an AOL spokesperson stated that they had already provided a patch at the end of last year, and users who have not yet updated their software can download the patch here to fix the vulnerability.
