Received network Facebook a lot of criticism recently because of poor cooperation with data users because of the security loopholes, and now there is another security hole surfaced recently. The company submitted Imperva specialized in the field of Safe information details about another security hole in the Facebook network can be offered to information users and their friends at risk.
It is reported that the loophole enabled websites to access private information about Facebook users and their friends through the unauthorized access to the application programming interface via a certain behavior in the browser Google Chrome. Detected this vulnerability on Facebook in the month of May, but was corrected after that.
To exploit the vulnerability, attackers to the implementation of what is referred to provide the request via the website. May be required from one of the Facebook users visit a malicious web site using the browser Google Chrome and then click in any place on this site while he is still signed in to Facebook. This will enable the attackers open a new popup window or a new tab in the search page on Facebook and run queries to access information personal to the user.
Provided company Imperva examples of some of these queries which include to check if the user has the image in a certain position or if he had written any consultations by the specific text. Thus, we can use vulnerability to to the concerns of the user and his friends even if he did activate its privacy settings in a way that makes the information visible to friends only.
On this subject, stated Facebook by saying : ” We appreciate this report as part of the rewards program our own “. She added : ” We fixed this problem in the search page of our own and we have not seen any abuse. Because this behavior is mainly linked to a network of Facebook alone, we have provided our recommendations of the corporate developer of the browser and web standards to encourage them to take steps to prevent the occurrence of such problems in other web applications “.
The post discovery of a security flaw in the new Facebook network can be offered to user data compromised appeared first on email.