Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under

Microsoft has patched a potentially dangerous flaw on its website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."


More in Tux Machines

Android 6.0 Marshmallow review

Android, Google’s mobile operating system, has matured a lot over the past year. It’s running on 1.4 billion devices (up from 1 billion last year) and its most popular app store, Google Play, has more than 1 billion active users. In the last quarter, IDC estimates that Android held 82.8 percent of the global smartphone market. As its newest iteration, 6.0 Marshmallow, rolls out, Android’s going incredibly, undeniably strong. Read more

At the Heart of OpenStack Evolution

As it matures, OpenStack's parallel to Linux is clearer. Linux emerged 20 years ago as a somewhat exotic challenger to proprietary operating systems. Today, it is one of the most popular and widely used OSes. However, Linux still exists in a market of mixed use. It's likely that OpenStack will be subject to the same effect, becoming a viable option among a number of cloud infrastructures. Read more

GParted Live Gets the Latest Updates from Debian Sid

GParted Live, a small bootable GNU/Linux distribution for x86-based computers that can be used for creating, reorganizing, and deleting disk partitions, has been upgraded to version 0.23.0-2 and is now available for download. Read more

MATE-Desktop 1.11 Released, Working Towards MATE 1.12

MATE developers are currently working towards MATE 1.12. MATE 1.12 is expected to have full support for GTK3, initial support for Wayland, support for GNOME Account Servers, full support for systemd's logind, xf86-input-libinput driver support, and various other changes. The work-in-progress items can be found via the MATE-Desktop Roadmap. Read more