Microsoft has patched a flaw in its Xbox 360 Web site that researchers say could have opened the door to a phishing attack.
Security company Finjan Software said that it notified the software maker of the issue last week and that Microsoft patched its site within 12 hours. The flaw was what is known as a cross-site scripting vulnerability, which could have been exploited by hackers to gather credit card data and other personal information from people looking to get more information about the new game console.
"This discovery is another example of our cooperation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community," Finjan CEO Shlomo Touboul said in a statement.
A Microsoft representative confirmed that Finjan reported the bug and that the two companies worked to close the security hole. The representative said Microsoft is not aware of any attacks that exploited the vulnerability.
Earlier this year, Microsoft and Finjan became embroiled in a disagreement over the timing of flaw disclosure. The software giant criticized the San Jose, Calif.-based company for posting "proof of concept" code to exploit a security hole on the same day Microsoft released a patch.
Microsoft announced its plans for the second-generation Xbox earlier this month. The game player doesn't go on sale until the holiday shopping season, but the Xbox 360 Web site has gone live with some video clips, game previews and an option to sign up for updates.
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
The Silicon Valley online payments startup grew by 1,000 percent last year and is hopeful it can repeat that level of growth this year. To do that, it's had to move away from its early friends-and-family roots and embrace small businesses.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
May be *big* isn't always slow.