Google patches Buzz for Mobile security flaw

A cross-site scripting vulnerability that could have allowed attackers to hijack Google Buzz accounts was quickly patched Tuesday after it was made public.

by Tom Krazit February 17, 2010 10:14 AM PST

It has been a rough week for the Google Buzz team.

The fiasco over Buzz's privacy settings is starting to die down now that Google has made several changes, but security experts Tuesday discovered that the Buzz for Mobile service contained a flaw that could allow hackers to run their own code on Google Buzz accounts.

Google has already patched the flaw, which was reported by SecTheory. It was a cross-site scripting vulnerability, which could have allowed an attacker to hijack a Buzz account or run a phishing scam.

Google released a statement regarding the flaw. "We fixed a vulnerability that could have affected users of Google Buzz for mobile on February 16th, hours after it was reported to us. We have no indication that the vulnerability was actively abused. We understand the importance of our users' security, and we are committed to further improving the security of Google Buzz."

Don't Miss

How Facebook's Zucked-up IPO just killed the tech bubble
Internet & Media
Is NFC killing Google Wallet?
Mobile
75 years of the Golden Gate Bridge (pictures)
Slideshow
Cutting-edge all-in-one Asus
Review

CNET Conversations

Driving into the future at VW's Electronics Research Lab

CNET editor at large Brian Cooley goes behind the scenes with Peter Oel, director of Volkswagen Electronics Research Lab, to show you how Silicon Valley is changing the way we drive, from the latest in infotainment systems to new 3D technologies being used for design.

Play Video

Google patches Buzz for Mobile security flaw

Don't Miss

Featured Posts

Most Popular

About Relevant Results

RSS

my Yahoo

Google

MSN

CNET Mobile Apps