In an interview this morning from Buenos Aires with BetaNews, Core Security Chief Technology Officer Iván Arce described a scenario whereby a malicious user could be able to trigger AOL's Instant Messenger into launching Microsoft's Internet Explorer 7 Web browser, and then send it commands that enable that user to wrest full remote control of the AIM user's system.

More... (http://www.betanews.com/article/Core_CTO_Highly_Exploitable_AIM_Bug_Could_Lead_to_ System_Hijack/1190825191)