A bug in AOL's Mirabilis ICQ versions 2001A and earlier, that allowss an attacker to run arbittrary code on a target machine with user privallages has been found. The article can be found here and instructions on what to do.
http://msn.vnunet.com/News/1128653