Re: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability
If you're running NT/2000/XP, you can delete everything under the key
and make it read-only -- or just deny everyone access to the key.
On Wed, 11 Aug 2004 14:02:50 -0700, Thor Larholm <tlarholm@xxxxxxxx> wrote:
> Deleting the "HKEY_CLASSES_ROOT\aim" registry key is not a permanent
> mitigation but a per-session change that has to be implemented every
> time AOL Instant Messenger is instantiated. The reason for this is that
> if the HKCR\aim key is missing when AIM is launched AIM will simply
> recreate the key and thus the URL protocol.
--
Please don't send anything confidential to this address. More info:
http://www.gmail-is-too-creepy.com/