Facebook fixes bug affecting Hotmail users

Turkish researchers find hole in password reset feature of Facebook that put some Hotmail users' accounts at risk.

Facebook has fixed a bug in the site's password reset feature that could have been exploited to expose passwords of a small number of users who also use Hotmail.

"We can access password of any facebook user who uses hotmail email address as their facebook account," Turkish security researcher Serkan Gencel, wrote in an e-mail to CNET this weekend. "If you have any hotmail account and if it is used as facebook account, we can change and send you your new password:)."

A Facebook spokesman released a statement today confirming the bug and saying it had been fixed.

"We were notified of this vulnerability by a Turkish security researcher via our white hat queue, and we worked to quickly resolve the problem," the statement said.

"When properly notified, we will quickly investigate all legitimate reports of security vulnerabilities and fix potential problems, and have adopted a responsible disclosure policy to encourage notifications," the statement said. "We encourage security researchers who identify security problems to embrace the practice of notifying Web site security teams of problems and giving them time to fix the problems before making any information public."

The company also thanked the researchers for "bringing this to our attention, and demonstrating the value of responsible disclosure."

The problem was covered on this Turkish news Web site.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Details about Apple's 'spaceship' campus from the drone pilot who flies over it

MyithZ has one of the most popular aerial photography channels on YouTube. With the exception of revealing his identity, he is an open book as he shares with CNET's Brian Tong the drone hardware he uses to capture flyover shots of the construction of Apple's new campus, which looks remarkably like an alien craft.

by Brian Tong