Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Twitter
vulnerability

Tweetdeck takes service down after security flaw was discovered

The service was taken down after users started receiving random pop-up messages on the Chrome and Windows version.

Updated 7:48pm

ALL VERSIONS OF TweetDeck have been taken down after a major security flaw was discovered.

The flaw, which allows attackers to execute javascript code remotely, resulted in a number of users seeing pop-up windows in both the Chrome and Windows version of Tweetdeck.

The security flaw involves XSS (cross-site scripting), a computer vulnerability mostly found in web applications which allows hackers to inject script into webpages to help them access user accounts and other sensitive data.

One instance of the bug caused one tweet, containing nothing but code, to be retweeted by other accounts.

When the flaw was discovered earlier today, Tweetdeck tweeted that the problem was fixed and asked users to log out and in again. However, it tweeted again saying it was taking down all versions of the service to assess the issue.

If you can still access Tweetdeck, it’s recommended you sign out of the service and deactivate it on Twitter.com. By going into settings and apps, you can revoke access of Tweetdeck as a precautionary measure.

[Update: 7:48pm]

The service tweeted another update to say the security issue has been fixed. Again, make sure to log out and log back in again to ensure the update has been made.

Originally published:

Read: Scientists create laser device that can detect drunk drivers >

Read: Google buys satellite company Skybox Imaging for $500 million >

Your Voice
Readers Comments
4
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.