Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

Wine and Games

Qt 5.9.3 Released

I am pleased to inform that Qt 5.9.3 is released today. As a patch release Qt 5.9.3 does not add any new functionality, focus is in bug fixes and performance improvements. Compared to Qt 5.9.2, the new Qt 5.9.3 contains over 100 bug fixes and in total more than 500 changes since Qt 5.9.2. For details of the most important changes, please check the Change files of Qt 5.9.3. Read more

Interview with FreeDOS Founder and Lead Dev Jim Hall

It’s been 23 years to the FreeDOS project. FreeDOS founder Jim Hall shares some interesting insight into this veteran open source project. Read more

Programming and howtos: Python, Swift and Recipes