Today a new exploit was released on the Bugtraq mailing list by Michael Evanchik that targets the very popular AOL Instant Messenger. This exploit is a combination of existing Interrnet Explorer vulnerabilities and a new predictable file location vulnerability in the AIM client.
PivX Solutions have analyzed this new exploit and the new AIM vulnerability and determined that locking down the My Computer zone in Internet Explorer completely mitigates the impact of this vulnerability. All of our existing Qwik-Fix users were proactively protected against this threat before it was ever announced.
We have crafted a response that details what this exploit is comprised of and how it works, including details about related vulnerabilities, which you can find at
http://www.pivx.com/larholm/list/pivx.02.19.2004.aimpredictablefilelocation.txt
If you have not already installed Qwik-Fix you can download it from
http://www.qwik-fix.net/
Most Secure Regards
Thor Larholm
Senior Security Researcher
PivX Solutions

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic