A flaw in AOL Instant Messenger, as reported on Neowin yesterday, has been resolved, an AOL company spokesman said Thursday.
AOL became aware of the flaw Wednesday morning after a group issued a report to security mailing lists about a feature in the most recent version of AIM, spokesman Andrew Weinstein said. The flaw, which was also found in a test version of AIM, could allow someone to take control of home computers.
The flaw, which would have affected only non-AOL subscribers, has been fixed from the AOL side (which involved modifications to AOL's servers), and AIM users do not have to download anything for the resolution.
News source: Reuters
In a further update, one of w00w00.org's founders, Matt Conover, a student of Computer Science and Maths at the Utah State University, is defending his actions to release information regarding the IM flaw that his group found.
"We never expected it to get this much attention," says Matt. His group informed AOL via email around December 25th, waited a week, and got no responce, so he posted information and "proof of concept code" on the w00w00 web site to demonstrate the vulnerability. "No matter how long we waited we weren't going to hear back from them". added Matt.
But, some security experts have called w00w00's actions irresponsible, releasing information aboput the flaw before the vendor has time to prepare a fix. "AOL makes it extremely difficult to get a hold of anybody for anything to do with security," said Russ Cooper, who runs the NTBugTraq e-mail list.
In the end, AOL acted very quickly. As Andrew Weinstein (AOL spokesperson) said, "The flaw was resolved within 24 hours. We heard no reports from users that anyone was affected by it".
News source: Reuters
AOL became aware of the flaw Wednesday morning after a group issued a report to security mailing lists about a feature in the most recent version of AIM, spokesman Andrew Weinstein said. The flaw, which was also found in a test version of AIM, could allow someone to take control of home computers.
The flaw, which would have affected only non-AOL subscribers, has been fixed from the AOL side (which involved modifications to AOL's servers), and AIM users do not have to download anything for the resolution.
News source: ReutersIn a further update, one of w00w00.org's founders, Matt Conover, a student of Computer Science and Maths at the Utah State University, is defending his actions to release information regarding the IM flaw that his group found.
"We never expected it to get this much attention," says Matt. His group informed AOL via email around December 25th, waited a week, and got no responce, so he posted information and "proof of concept code" on the w00w00 web site to demonstrate the vulnerability. "No matter how long we waited we weren't going to hear back from them". added Matt.
But, some security experts have called w00w00's actions irresponsible, releasing information aboput the flaw before the vendor has time to prepare a fix. "AOL makes it extremely difficult to get a hold of anybody for anything to do with security," said Russ Cooper, who runs the NTBugTraq e-mail list.
In the end, AOL acted very quickly. As Andrew Weinstein (AOL spokesperson) said, "The flaw was resolved within 24 hours. We heard no reports from users that anyone was affected by it".
News source: Reuters
Apple, which declined to comment on the products, has begun dropping big hints ahead of launches.
"This one really takes the cake," said Mac Observer, www.macobserver.com, commenting that the company had been stepping up the hype for its events for six months.
"The rumors are flying and Apple has all but ensured that they will continue to do so."
Apple launched its first consumer device in nearly a decade with the iPod and Jobs said he was considering developing a Windows version of the device.
The iPod links to the Macintosh through the iTunes software. That is based on Apple's cross-platform QuickTime media player, which would allow Apple to port the iPod to Windows, said financial analyst David Bailey of Gerard Klauer Mattison.
Apple might also extend its vision of the personal computer as the hub of the "digital lifestyle" by introducing a consumer device for video, Bailey speculated.
He raised Apple to Outperform from Neutral Wednesday, forecasting that Mac fans would buy new gear with the maturation of OS X, the new operating system announced last year, new desktop computers and a higher profile for Apple thanks to its new retail stores.
But with the threat education spending could dip in the weak economy, hurting a key Apple market, and the product transitions in store, Bailey reduced his earnings per share forecast for fiscal 2002 by 3 cents to 52 cents, compared with Apple's 2001 loss of 27 cents, which was driven by a first- quarter loss of 73 cents per share.
Apple, one of the first to feel the chill of the cooling economy in late 2000, suffered with the rest of the personal computer industry in 2001, repeatedly cutting its sales forecast.
But the stock fared well, rising 45 percent and attracting investors with a horde of cash worth more than half the current stock price and a strong brand name.
It also introduced OS X, the most substantial upgrade to its operating system since it introduced the Macintosh in 1984 and began touting the personal computer as the digital hub.
Certainly Apple fans are salivating, even if they are wary of the hype.
"I hope I fall out of my chair and knock myself out," wrote "Antman" on a MacObserver forum. "Ok ... maybe not that last part, but Apple has its work cut out."
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.