Science & technology
Twitter restores TweetDeck service
Publish Date: Jun 11, 2014
Twitter restores TweetDeck service
  • mail
  • img
newvision

TWITTER took its browser-based TweetDeck service offline Wednesday as it wrestled with a vulnerability that criminals exploited to tweet script-filed messages to victims' feeds.

"We've temporarily taken TweetDeck services down to assess today's earlier security issue," Twitter's TweetDeck account reported.

An hour later, the service was back up and running. "We've verified our security fix and have turned TweetDeck services back on for all users. Sorry for any inconvenience," TweetDeck said, again on Twitter

A cross-site scripting (XSS) vulnerability was to blame, researchers quickly said.

"This vulnerability very specifically renders a tweet as code in the browser, allowing various cross-site scripting (XSS) attacks to be run by simply viewing a tweet," said Trey Ford, a security strategist at Rapid7.

"The current attack we're seeing is a 'worm' that self-replicates by creating malicious tweets."

The vulnerability primarily affected users who had installed the TweetDeck Web app designed for Google's Chrome browser, but there were scattered reports that the bug also impacted the Windows client application and the Web app for Firefox.

Twitter itself, including its website-based feed and those it served to its own and third-party desktop and mobile clients, was unaffected.

Earlier Wednesday, TweetDeck urged users to log out of the service, then log back in, a process that was meant to clear users' sessions and thus prevent any additional malicious tweeting.

Some who followed instructions, however, continued to see unauthorized tweets on their feeds.

The statements, comments, or opinions expressed through the use of New Vision Online are those of their respective authors, who are solely responsible for them, and do not necessarily represent the views held by the staff and management of New Vision Online.

New Vision Online reserves the right to moderate, publish or delete a post without warning or consultation with the author.Find out why we moderate comments. For any questions please contact digital@newvision.co.ug

  • mail
  • img
blog comments powered by Disqus
Also In This Section
NASA spacecraft to begin orbiting Mars within days
An unmanned NASA spacecraft launched last year to study the history of climate change on Mars is to begin orbiting the Red Planet on Sunday after a 10-month journey....
Amazon unveils new Fire tablets and Kindle e-readers
Amazon.com on Wednesday expanded its array of tablets and Kindle e-readers, capping its line-up with a new flagship Fire HDX boasting 'stunning' display and Dolby Atmos sound....
Number of websites explodes past a billion
The number of websites has burst above one billion and is growing apace, according to figures updated in real time Tuesday by online tracker Internet Live Stats....
New Apple mobile software arrives
New-generation Apple software for powering its coveted mobile devices is set for release on Wednesday, two days ahead of the arrival of its latest iPhones....
Sony warns of $2.14 bn annual loss, blames mobile unit
Sony on Wednesday said it would lose $2.14 billion this fiscal year, more than four times its earlier forecast as the Japanese electronics giant blamed a downturn in its mobile phone business....
Highway Africa 2014 discusses social media
The time is now. Yes it’s time. In the new era of digital and convergence in journalism, social media can no longer be on the margins. Where should it be now? This crucial question was answered at a recent 18th edition of Highway Africa conference....
Should bride price be made optional?
Yes
No
Can't Say
follow us
subscribe to our news letter