Facebook Chat Bug - Users might see their friends' live chat
|
D-SWAT
Two days ago, Facebook Chat disabled due to this bug. The bug enabled users to access their friends' live chat histories and friend requests if they manipulated the "preview my profile" feature in a specific way. Facebook said the effects of the bug existed only for a "limited amount of time".
Facebook announced:
For a limited period of time, a bug permitted some users' chat messages and pending friend requests to be made visible to their friends by manipulating the "preview my profile" feature of Facebook privacy settings. When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function. We also pushed out a fix to take care of the visible friend requests which is now complete. Chat will be turned back on across the site shortly. We worked quickly to resolve this matter, ensuring that once the bug was reported to us, a solution was quickly found and implemented.
A video demonstrating the vulnerability can be found here.
References:
http://www.itis.tw/node/3882
http://www.eweek.com/c/a/Security/Facebook-Swats-Bug-Exposing-User-Chats-347214/
http://www.theprohack.com/2010/05/facebook-chat-disabled-due-to-chat-bug.html
http://mashable.com/2010/05/05/facebook-chat-down/
|
The information from DrayTek Corp.
About DrayTek
DrayTek Corp., founded in 1997, is a global provider
of comprehensive network security, remote access
and VoIP solutions for residential/small office
and Small and Medium Enterprises(SME) use. To
meet the needs of customers for quality and cost-effectiveness,
DrayTek, with technologies integrated with real-time
Anti-Virus/Anti-Intrusion system, VPN, VoIP and
xDSL broadband access, has successfully delivered
total network protection worldwide. For more information,
please visit the company's website at http://www.draytek.com.
Press Contact:
DrayTek Marketing Dept.
press@draytek.com |
