|
|
|
 |
|
|
We are all familiar with Internet Relay Chat (IRC) programs such as MSN Messenger®, ICQ®, AOL Instant
Messenger (Now AIM),® and IRC® itself but did you know that all of these programs are security risks? To use any IRC
system, you must first download and set up a program on your computer called a client. When you start this client, you
connect with the appropriate IRC server and if you join a channel (sometimes called a room) and start typing your chat talk, it
is viewable by everyone else using that same channel or room.
We actually recommend against using these chat rooms because you are guaranteed to be flooded with spam E-mail. Your security threats include: (1) The hijacking of your IRC number and thus your identity on that IRC system. If this happens, the hijacker may be able to get one of your friends or business associates to divulge certain confidential information as they think that they are actually chatting with you. (2) Directed or blue screen attacks which are commonly referred to as nuking. (3) Automated scripts (referred to as bots) that bounce users such as yourself off of the server. (4) Automated scripts (bots) that patrol IRC servers to scan logged in clients on IRC channels to determine if they are running some sort of Trojan Horse virus. (5)A hacker can also, by server proxy, actually get through to the client program. These backdoors allow hackers to gain unauthorized access to your computer to do harm to yourself and others. (6) Some worms are specifically designed to use IRC clients in much the same way that other other worms use E-mail clients. (7) Another user on the IRC system may be able to get a virus into your computer by uploading a "harmless" file (text, music, picture) to you which contains the embedded virus. In this case you actually allowed the virus into your computer. All we can tell you is to keep your IRC client up to date, keep your Anti-Virus software up to date and to be very, very careful. Common sense dictates that you should really only use IRC on a one to one basis and only with people you know personally. |
| AOL (AIM) Instant Messenger for Windows Security Breach |
|
On July 12, 2004, AOL was informed of a serious security vulnerability believed to affect all Windows versions of
its Instant Messenger (AIM) software. Some time later, this vulnerability was confirmed by AOL to be present in Version 5.5.3595 and in
all previous Windows versions.
Read more about this here.
We therefore recommend that you upgrade immediately to Version 5.9.3690 or newer at the AIM Instant Messenger download web site. This new version is not for the Windows95 operating system and if you are still using this now obsolete system, we recommend that you immediately uninstall your AOL Instant Messenger software. |
