From BBC News:
Facebook fixes embarrassing security flaw
Facebook has rushed to fix a security flaw that allowed users to eavesdrop on the live chats of their friends and see their pending friend requests.
The exploit used the site's privacy features - intended to protect a user - to expose the personal information.
...The exploit - originally reported by the blog TechCrunch - worked via an option in privacy settings that allows people to preview their profiles as it would appear to their friends.
...But it was never intended to show others what their friends were actually doing.
"For a limited period of time, a bug permitted some users' chat messages and pending friend requests to be made visible to their friends by manipulating the 'preview my profile' feature of Facebook privacy settings," Facebook said in a statement.
No comments:
Post a Comment