Google patches Buzz for Mobile security flaw

A cross-site scripting vulnerability that could have allowed attackers to hijack Google Buzz accounts was quickly patched Tuesday after it was made public.

It has been a rough week for the Google Buzz team.

The fiasco over Buzz's privacy settings is starting to die down now that Google has made several changes, but security experts Tuesday discovered that the Buzz for Mobile service contained a flaw that could allow hackers to run their own code on Google Buzz accounts.

Google has already patched the flaw, which was reported by SecTheory. It was a cross-site scripting vulnerability, which could have allowed an attacker to hijack a Buzz account or run a phishing scam.

Google released a statement regarding the flaw. "We fixed a vulnerability that could have affected users of Google Buzz for mobile on February 16th, hours after it was reported to us. We have no indication that the vulnerability was actively abused. We understand the importance of our users' security, and we are committed to further improving the security of Google Buzz."

Featured Video

Walmart's five buck LED is one of the brightest we've tested

For basic lighting needs, this bulb looks like a solid pick, but its dimming performance leaves a lot to be desired.

by Ry Crist