Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

Canonical Patches Four Linux Kernel Vulnerabilities in Ubuntu 15.04 and Ubuntu 14.04

Today, July 28, Canonical published details about new Linux kernel updates for its Ubuntu 15.04 (Vivid Vervet) and Ubuntu 14.04 LTS (Trusty Tahr) operating systems, urging users to update the installations as soon as possible. Read more

Ubuntu Software Center Is Really Hated by the Community, but Why?

Ubuntu MATE recently decided to drop the Ubuntu Software Center and it will not longer be available with the upcoming 15.10 Alpha 2 release. This is interesting in itself, but this editorial is about another aspect. From the looks of it, a very large part of the Ubuntu and Linux community really hates the Ubuntu Software Center. Read more

Wine Announcement

The Wine development release 1.7.48 is now available. What's new in this release (see below for details): - Fleshed out OpenMP implementation. - I/O stream support in the MSVCIRT C++ runtime. - Support for pixel snapping in DirectWrite. - More support for OpenGL core contexts. - Various bug fixes. Read more

Canonical Closes QEMU Vulnerabilities in Ubuntu 15.04 and Ubuntu 14.04 LTS

Three QEMU vulnerabilities have been found and corrected in Ubuntu 15.04 and Ubuntu 14.04 LTS operating systems by Canonical. Read more