Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

Inside Cisco's OpenStack Cloud Strategy

Cisco first got involved with the open-source OpenStack cloud platform in 2011 with the Bexar release and initially was focused mostly on networking. Over the last several years, Cisco's OpenStack involvement and product portfolio have grown beyond just networking. Read more

NVIDIA Posts Tegra Gallium3D Patch For K1+ Support

NVIDIA has out a wonderful Thanksgiving surprise... New Mesa code for Tegra K1 GPUs and newer! While NVIDIA has already pushed Nouveau Gallium3D support patches for Tegra K1 after providing Tegra K1 DRM/KMS kernel driver support, there's more code coming out today. NVIDIA's Thierry Reding sent out a nearly two thousand line Mesa patch that introduces a new Tegra Gallium3D driver. This "Tegra" code at gallium/drivers though isn't a complete 3D driver -- the Tegra K1+ still use the NVIDIA NVC0 Gallium3D driver for the actual rendering. This patch sets up a screen and forwards on the work to the Nouveau Gallium3D driver given that the Tegra K1 uses a Kepler-derived graphics processor. This work is needed since the GPU and display are exposed as separate devices by this NVIDIA ARM SoC. Read more

Ubuntu 14.10 MacBook Air Tests With Linux 3.18, Mesa 10.5

This week I posted some OS X 10.10 vs. Ubuntu 14.10 benchmarks from a Haswell-based Apple MacBook Air. Ubuntu 14.10 out-of-the-box was largely performing better than Apple's latest OS X Yosemite release while today are some more Ubuntu OpenGL numbers tossed in for the graphics tests when upgrading against Intel's latest HD Graphics code for Linux. Read more

Confirmed: Ubuntu-Powered Meizu MX Devices to Land in Europe Soon

Canonical and Meizu have signed a partnership for the distribution of Ubuntu-powered phones that should arrive in the first months of 2015. The details are still sketchy, but the information about this collaboration has been confirmed. Read more