Shark Lady Tech

Technology, Internet, Gadgets and Geeks

Posts Tagged ‘security flaw’

Hackers Find Google Buzz Exploit

February 18th, 2010

It’s not enough that Google Buzz infringes your privacy, now it’s revealed that it also has at least one medium security flaw.

This security problem in Google Buzz is caused by a programming error, called a cross-site scripting flaw. This hole lets an attacker put his own scripting code into web pages that belong to sites such as Google.

This flaw makes it possible for an hacker to “use” your Google Buzz account – he can say things in your name and make you follow people you don’t want to. This also opens the door to phishing attacks.

This security problem was discovered by a hacker named TrainReq, best known for posting photos stolen from pop star Miley Cyrus’ e-mail account to the Internet.

Google said they are aware of the flaw and that they will fix it.

No comments »

Posted in Hacking and Security, Internet, Social Networks

Tags: bug cross-site scripting flaw exploit google google buzz hackers security flaw

Yet Another IE Security Problem

February 4th, 2010

It’s not new – we already know it. Internet Explorer is a flawed browser, with many security holes – and it just ripped itself a new one.

Microsoft has issued Security Advisory (980088), which basically says that Internet Explorer, for those who use Windows XP or who have disabled Internet Explorer Protected Mode, allows access to files with an already known filename and location. In other words – hackers can browse your files vie IE.

Browser versions affected are: Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service 4; Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; and Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows Server 2003 Service Pack 2. Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008.

Microsoft continues to encourage customers to follow the “Protect Your Computer” guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. The company hasn’t issued a patch yet.