RE: AIM Backdoor?

["Ralph Los" <RLos () enteredge com>]

Yessir, I just double-checked my newly installed WinXP Pro machine, and low
and behold - there's free.aol.com.  I quickly removed it, duh, thanks for
the heads-up!  I wonder how many of us will do this in the next 10 mintes?

Happy Tuesday all,

----------------------------------------|
Ralph M. Los
Sr. Security Engineer and Trainer
          EnterEdge Technology, L.L.C.
          rlos () enteredge com
          (770) 955-9899 x.206
----------------------------------------| 

::-----Original Message-----
::From: miked () rootdown net [mailto:miked () rootdown net] 
::Sent: Monday, April 08, 2002 10:19 PM
::To: incidents () securityfocus com
::Subject: AIM Backdoor?
::
::
::
::Repost attempt, dunno why it didnt go through the first time.
::
::
::
::I have had AIM installed here at work for a while. While 
::trying to repair the security zone settings on a users PC by 
::comparing them to my own, I noticed that free.aol.com had 
::been added to Internet Explorers "Trusted Sites" zone.
::
::If a simple minded user clicks one of the many "Free AOL and 
::Unlimited Internet" icons on their system, or one of the 
::5,800 links to this domain that google turns up, AOL can run 
::the code of their choice without prompting.
::
::Anyone care to verify my findings or find a CSS vulnerability 
::on free.aol.com? Does an employee of AOL care to comment?
::
::      -Mike
::
::
::--------------------------------------------------------------
::--------------
::This list is provided by the SecurityFocus ARIS analyzer 
::service. For more information on this free incident handling, 
::management 
::and tracking system please see: http://aris.securityfocus.com
::
::


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com