Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

Ubuntu Touch Finally Gets a Regression Fix for Nexus 4 and Aquaris Phones

Canonical has recently released a new OTA update for Ubuntu Touch and it brought a large number of new features and improvements, but also a nasty regression that caused the telephony function to fail on BQ phones and Nexus 4. That fix has finally landed. Read more

OpenDaylight dawn: Open-source software defined networking goes into production

OpenDaylight, the open-source, software-defined network, is moving from the lab into full-scale production. Read more

Battle of the sub-$450 Android phones: ZTE Axon vs OnePlus 2 vs Moto X Style

Over the past two weeks we have seen three new Android phones announced that are priced to challenge Samsung, LG, and HTC devices typically found starting at $600. Read more

The AMD Radeon R9 Fury Is Currently A Disaster On Linux

When AMD announced the Radeon R9 Fury line-up powered by the "Fiji" GPU with High Bandwidth Memory, I was genuinely very excited to get my hands on this graphics card. The tech sounded great and offered up a lot of potential, and once finally finding an R9 Fury in stock, shelled out nearly $600 for this graphics card. Unfortunately though, thanks to the current state of the Catalyst Linux driver, the R9 Fury on Linux is a gigantic waste for OpenGL workloads. The R9 Fury results only exemplifies the hideous state of AMD's OpenGL support for their Catalyst Linux driver with a NVIDIA graphics card costing $200 less consistently delivering better gaming performance. Read more