Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under

Microsoft has patched a potentially dangerous flaw on its website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."


More in Tux Machines

6 smart settings to make your Android phone anticipate your needs

There's no denying that our smartphones have made our lives so much easier, putting our contacts and schedules, our driving directions, the whole internet, right at our fingertips. But if you're using an Android phone you might be leaving even more convenience on the table. There are a bunch of super-smart settings in Nougat and Google Now that’ll make your Android device feel like it’s 10 steps ahead of you. Your Android phone can be proactively telling you how long it’ll take to get to work in the morning, and nudging you when your favorite team is about to take the field. Your device can keep itself unlocked whenever it’s on you, and those snapshots you just took can automatically be arranged into beautiful collages. Battery running low? Android can know to dial down background activity to keep your phone alive. And if you love the idea of asking Google questions without ever touching your phone, you can train your phone to do that, too. Read more

Android and Tizen Leftovers

Update: Convictions Upheld, Sentences Extended In Romanian Microsoft Bribery Trial

According to the blog post, the trial ended on October 3rd, and investigators found that more than 100 people, including former ministers, the mayor of Bucharest, and various businessmen were involved in this latest corruption scandal involving Microsoft. More than 20 million euros were paid by Microsoft there as bribes. [...] These bribery convictions are just the tip of the iceberg. Multiple news outlets are reporting on investigations of bribery in other countries as well as separate investigations by the US Department of Justice and the US Securities And Exchange Commission. Read more

Red Hat News