TweetDeck (Chrome) Users Hit With Remote Hack

TweetDeck

A newly discovered vulnerability in TweetDeck for Chrome is allowing attackers to remotely execute javascript code through an unpatched vulnerability. Users have reported seeing random pop-up windows reading “Yo!” or “Please close now TweetDeck [sic], it is not safe.” The vulnerability is believed to be confined to web version of TweetDeck, but other users have reported similar attacks in TweetDeck’s Windows app. Twitter says that they have fixed the vulnerability, and users can apply the fix by logging out of TweetDeck and logging back in. We are still in the process of confirming the fix, and will update with any results. Researchers have reported XSS problems from TweetDeck in the past, most notably from Mikko Hypponen in 2011, but developers reported the vulnerability as fixed the following day, and most believed it to be a closed issue.

Read the full story at The Verge.

Author:

Shelly Palmer

Shelly Palmer is Fox 5 New York's On-air Tech Expert (WNYW-TV) and the host of Fox Television's monthly show Shelly Palmer Digital Living. He also hosts United Stations Radio Network's, Shelly Palmer Digital Living Daily, a daily syndicated radio report that features insightful commentary and a unique insiders take on the biggest stories in technology, media, and entertainment. He is Managing Director of Advanced Media Ventures Group, LLC an industry-leading advisory and business development firm and a member of the Executive Committee of the National Academy of Television Arts & Sciences (the organization that bestows the coveted Emmy® Awards).