Twitter says porn mouseover exploit is ‘fully patched’


Twitter was plagued for a bit this morning by a mouseover security flaw that compromised user accounts even if those affected didn’t click the offending link.

Sophos explains how the security flaw compromised “thousands” of accounts, including some high profile ones, redirecting unsuspecting users to “hardcore Japanese porn sites” before it was patched:

The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link. In a worrying development, messages are also spreading virally exploiting the vulnerability without the consent of users.

The Register says that Twitter’s team tackled the exploit within two hours of its appearance. The head of Twitter’s “Trust and Safety” team posted an update confirming the security flaw had been resolved:

The XSS attack should now be fully patched and no longer exploitable. Thanks, those reporting it.

Users employing third-party clients for Twitter such as TweetDeck were not affected by the exploit.
