Thread Back Search
دريم بوكس

Updated: Twitter fixes security flaw

  • ThE MaStEr

  • Updated: Twitter fixes security flaw
    Tuesday, September 21 2010, 17:32 BST
    By Mayer Nissim,

    The main Twitter website was hacked this afternoon via a security flaw.

    Users who moved their cursor over blacked-out text automatically Tweeted or Retweeted the same message. Some accounts automatically posted a message in oversized text, making their page and those of their followers unreadable.

    In a blog post, Graham Cluely of security firm Sophos reported that the flaw allowed messages and pop-up windows from third-parties to open in users' browsers. These pages potentially contain spam or malicious code.

    Cluely said: "The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop up and third-party websites to open in your browser just by moving your mouse over a link.

    "Hopefully Twitter will shut down this loophole as soon as possible - disallowing users to post the onMouseOver JavaScript code, and protecting users whose browsing may be at risk."

    Cluely noted that the Twitter page belonging to Sarah Brown, the wife of former Prime Minister Gordon, had attempted to direct her one million followers to a "hardcore porn site based in Japan".

    In a post on its Safety page, Twitter confirmed that it has now fixed the security flaw.

    "We've identified and are patching a XSS attack; as always, please message @safety if you have info regarding such an exploit," the social networking website said.

    Del Harvey, the leader of Twitter's Trust and Safety team, added: "The XSS attack should now be fully patched and no longer exploitable. Thanks, those reporting it."

    من مواضيعى فى المنتدى

    Rangers-Yankees: Most-Watched League Championship Series In Cable History

    36E: FTA channels after stopping Poverkhnost+

    New Merlin 3 Default Skin Elgato Update 31.12.2011

    Minimize Gemini E1 skin

    Disney, CBS, Fox sue Ivi

    OpenPLi-2.1-beta-dm800-20111028 by gjstroom

    Diablo Keys 22.10.2011

    Murdoch to stand down at BSkyB

الساعة الآن 05:56 AM

Powered by vBulletin® Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.