There’s a buffer overflow in the AIM client that will allow malicious folks to take over Windows machines. AOL says they’re implementing a fix on the server side, which means, I guess, that the server won’t let people send messages that exploit the buffer overflow. Seems like a decent enough hack until they can fix the overflow in the next version of AIM (assuming they do).