Skip to content
Skip to sidebar
Skip to search
Skip to main navigation

Login

Please login to Techworld.com

Forgot password?
Need your new account confirmation email resent?
Forgot email?

Not a member yet?

Register for a Techworld Account and enjoy unlimited access to our extensive white paper library and exclusive Enterprise multi-user software trials. Account members can also comment on articles and access best practices guides.

Register

Register

Security

Related Content

Features

Is cloud-based security really cheaper?
Vendors hope subscription models - and removing the need to manage and update software and hardware - will be attractive
10 hacks that made headlines
Hacking has been around for decades. Today's crimes are often financially-motivated fraud. Here are 10 hacking incidents that made history

Top How-Tos / Advice articles

Most Popular in Security

Google fixes Buzz flaw

The cross-site scripting flaw was fixed within hours

By Robert McMillan | Published: 10:31, 18 February 2010

Google has fixed a web flaw that gave hackers a way to take control of Google Buzz accounts.

The flaw was patched late Tuesday, just hours after being disclosed on a web-hacking blog run by Robert Hansen, CEO of SecTheory.

The bug lay in the m.google.com domain used by Google Buzz for mobile, and could have been exploited by hackers to manipulate other people's Google Buzz accounts. This type of flaw, known as a cross-site scripting error, is common, but it can have nasty consequences on widely used sites such as Google.

Related Articles on Techworld

In addition to taking control of Buzz accounts, scammers could have used the flaw to create hard-to-detect phishing pages that used the Google.com web domain.

In a Wednesday email message confirming that the bug had been patched, Google spokesman Jay Nancarrow said that the company has "no indication that the vulnerability was actively abused."

Launched just last week, Google Buzz has had a rough rollout. Over the weekend, Google was forced to make changes to the service after users complained that it exposed potentially private information by automatically publishing lists of users' closest Gmail contacts.

Send to a friend

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Desktop modernisation

On the one hand, there is the need to keep the existing desktop environment efficient, secure...

Download Whitepaper

Top 10 myths about virtualising business-critical applications

Even though virtualization has brought positive change to enterprise IT over the last decade,...

Download Whitepaper

Aligning CFO and CIO priorities

Forward-thinking organisations are viewing cloud computing as an investment in business...

Download Whitepaper

The new corporate network

Businesses can’t afford to have employee productivity suffer because they cannot use their...

Download Whitepaper

Techworld UK - Technology - Business

Techworld Awards

Techworld Awards 2012
NOW OPEN for entries

Click here to enter

Find out more

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

LogMeIn Rescue

Accelerate Your IT Efficiency

View the latest capacity management resources including whitepapers, videos and news.

Find out more...

Site Map

Techworld Knowledge Centres

Member Services

ComputerworldUK.com

CIO UK

Macworld

PC Advisor

MacVideo

Digital Arts

MarketBase

CFO World

All contents © IDG 2012:
|
Information for Advertisers |
Privacy Policy |