Core Security CTO Finds Major Vulnerability in AIM, IE7

By Scott M. Fulton, III | Published September 25, 2007, 5:07 PM

The Associated Press reported this afternoon that the chief technology officer of the company that makes Core Impact, a very well-known penetration testing product for enterprise networks, has gone public with the discovery of a new and significant vulnerability affecting AOL Instant Messenger, on systems where Internet Explorer 7 is also installed.

Core Security CTO Iván Arce told the AP that the current AIM 6.1, including the Pro and Lite versions, as well as the beta of AIM 6.2, all use Internet Explorer 7 for some of their rendering functions, including graphic emoticons. The interaction between AIM and IE7 apparently takes place over a link that Arce says he has proven to be exploitable, in demonstrations last month to officials of AOL's parent company, Time Warner.

Certain commands issued during an IM session can apparently enable full remote access to IE7, according to the AP report's assessment of Arce's claim. Users of the Web-based alternative to AIM would not experience this problem, he said.

For more: Core CTO: Highly Exploitable AIM Bug Could Lead to System Hijack

Comments

There are still people using AIM? wow....what am I gonna find out next, hampsterdance.com is the most popular site on the web???

Score: 0

|

*laughs*

Excellent. I had totally forgotten about that.

Time to walk through the building and set it as the homepage of the folks who've left their PCs without locking the session.

If that doesn't teach 'em...

Score: 0

|

Is AIM 4.8 affected?

Score: 0

|

" Iván Arce told the AP that the current AIM 6.1, including the Pro and Lite versions, as well as the beta of AIM 6.2 all utilize Internet Explorer 7 for some of their rendering functions, including graphic emoticons."

Didn't see AIM 4.8 mentioned in there, but since AIM 4.8 may no longer be supported by AOL (I don't know if it is or not), it will not be mentioned anyway.

Kinda like the fact that the 2005 WMF exploit actually affected Windows 95 and Windows 3.1 as well, but since Microsoft retired support for those ages ago, they needn't mention them.

Score: 0

|

4.8 probably came out before IE7 so most likely not. I don't use AIM so I'm not completely sure.

Score: 0

|

How many does this make for IE over the past four months? Weren't new versions of Vista/IE supposed to make us safer?

Aww, I hear toolie crying.

Score: 0

|

Gee, don't all software products have the possibility of holes? Last I checked people still made mistakes and pencils still had erasers. Oh wait, you just wanted another chance to attack IE and another user. You know, from someone who tries to act so professional on other sites (DonationCoder, the great software list), you sure don't know how to do so on a simple review site.

Score: 0

|

Maybe I am reading it wrong, but the problem is with AIM and how it uses 7 for rendering that is the problem. Too quick to jump on IE7. Maybe wait until the full details are brought to light before you condemn the product.

Score: 0

|

Posting 101: You fail.

Nice double-post. I imagine the excitement at the thought of being able to make yet another MS-Troll post was just too much for you.

Next time, try reading the article first.

Score: 0

|

How many does this make for IE over the past four months? Weren't new versions of Vista/IE supposed to make us safer?

Aww, I hear toolie crying.

Score: 0

|

Maybe I am reading it wrong, but the problem is with AIM and how it uses 7 for rendering that is the problem. Too quick to jump on IE7. Maybe wait until the full details are brought to light before you condemn the product.

Score: 0

|

ROFLMAO....

Reading Comprehension 101: You fail.

Also note that under protected mode, even "full access to IE7" is pretty damned useless.

Score: 0

|

We ban AIM at work and I ban it at home. It's useless. IE7 is part of Vista so you live with it, even if you load FF or Opera or whatever.

Score: 0

|

and why not. with microsoft being as secure as it is, what could go wrong

Score: 0

|

I don't use IE OR AIM, so nothing to worry about.

Score: 0

|

Read more carefully. It doesn't matter if YOU use IE7... AIM itself uses IE7.

You don't use AIM at all so you're not affected, just thought I'd make that distinction.

I use Trillian Astra myself.

Score: 0

|

Trillian is the sheeyat

Score: 0

|

Pretty much assume AIM and Yahoo Messenger have security issues, public disclosed or not.

Score: 0

|

I gather that this exploit can only occur with both AIM and IE7 working together. This much I figured out on my own. My question is: where is the actual vulnerability, IE7 or AIM (or both)?

Score: 0

|

"Certain commands issued during an IM session.."

To me, this is an AIM problem with its poor integration with IE7. The developers of IE7 (Microsoft) should not be held responsible for the actions of others. Developers, on a whole, cannot be faulted by the intentional/unintentional use of their product - though measures should be taken to keep it from happening in the future now that it has been brought to light.

Though the actual vulnerability is not described in detail, it is often puzzling how others jump to conclusions and bash a product, in this case IE7, without all the facts. I too, wish to know more and look forward to the follow-up article. If BetaNews has their initial information correct, this seems to be an AIM issue that is affecting IE7.

Score: 0

|

BAM!

Another day, another windows vulnerability... "laughs"

Score: 0

|

How many patches did Apple release again in the past few months?

/thank you
//No piece of complex software is 100% including YOURS.

Score: 0

|

Perhaps you need to read that again... I don't see anything about a "windows" vulnerability. I see an IE vulnerability.

EVERY software has vulnerabilities, however. NO web browser or OS is immune.

Score: 0

|

Exactly! And how many holes have been found in the over-hyped iProne?

Score: 0

|

Interesting that an Apple fan-boy would comment on browser vulnerabilities with all of the vulnerabilities found recently in Safari!

Score: 0

|

on windows? safari has only had 4 patches since its 2.0 launch. 3 on windows isn't even out of beta.

Score: 0

|

What? 2 patches? fomg the world will collapse.

Score: 0

|

BAM!

Another MS troll hits the web and totally fails at reading comprehension.

You guys are such good entertainment, who needs TV?

Score: 0

|

It's an AIM vulnerability. Microsoft is in no way responsible, from what it sounds like. Even if it utilizes some sort of IE exploit or vulnerability, the only excuse for using IE7 for what AOL is doing with it is lazy programming on the part of AOL.

Score: 0

|

... and 3 on windows has already had two patches, if I'm not mistaken.

And neither of them fixed the problem I've been having where the menu bar is invisible. I'm not on a Mac here!

Annnd I just went to run it again and it crashed on startup. Boo. But then again a few things are broken on here ATM so I can't really blame Apple for that.

Score: 0

|

Agreed!

Score: 0

|

you're running a beta app on a platform it's not native to. i'm shocked your computer hasn't imploded

Score: 0

|
