Google

Google fixes YouTube xxx spam flaw

5 Lug/10

YouTube owner Google has been forced to act quickly to fix a flaw on it’s YouTube video sharing website that allowed hackers to bombard users with pop-up messages, redirecting them to adult websites.

The code was placed in the comments section of targeted videos and would run automatically when people watched the clip.

Google says the problem was fixed within only two hours of being reported, according to the BBC.

“We took swift action to fix a cross-site scripting (XSS) vulnerability on youtube.com,” a spokesperson said.

“Comments were temporarily hidden by default within an hour, and we released a complete fix for the issue in about two hours.

Hackers had used JavaScript and HTML code to trigger the malicious pop-ups.

“The thing with a cross-site scripting attack is that it will appear that it is a message being posted by that website, which gives it a certain legitimacy, Graham Cluley of security firm Sophos told BBC News.

“It could be used to show a message that tells you to update your password; it could link to a malicious website; or it could attempt to phish you.”

For now YouTube is back to it’s old self and if you’re visiting the site in the next week I thoroughly recommend you click on the football icon during playing videos to add an authentic Vuvuzela soundtrack.


© Mike Halsey for gHacks Technology News, 2010. | Permalink | Add to del.icio.us, digg, facebook, reddit, <a href="http://www.stumbleupon.com/submit?url=http://www.ghacks.net/2010/07/05/google-fixes-youtube-xxx-spam-flaw/&title=Google fixes YouTube xxx spam flawstumbleupon, twitter
Post tags: , , , ,

Continua a leggere – Original Link: Google fixes YouTube xxx spam flaw

Technorati Tags: , , , , , , , , , ,

Realizzazione Sito Gestionale Immobiliare

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

    Spina Rosario
    Inserito da
Gestionale Immobiliare - Realizzazione Sito Web per Agenzia Immobiliare

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta