According to reports, Google has fixed the cross-site scripting vulnerability which the hackers used on Sunday morning to swathe YouTube videos with off-color pop-ups as well as redirects to adult-site.
Going by an IDG News Service report, the vulnerability enabled them to insert code onto the viewer-comments pages of the popular video-sharing site. With the hackers largely focusing on video clips related to the teen pop icon Justin Bieber, it was the singer?s fans that first spotted the site?s hack.
Citing the information forwarded by Google representative, IDG reported that the exploits by the hackers disallowed access to Google accounts of YouTube visitors who had cone upon a hacked page. The representative also said that, as a safety measure, visitors should log out of their Google accounts and then log in again.
Further, IDG also quoted a source who revealed that though the hack itself did not involve malware, the landing pages to which visitors were redirected might possibly be malware-ridden. The source also added that most antivirus software would possibly be a sufficient safeguard against the malware.
Yesterday's news on the above in http://forums.cnet.com/5208-6132_102-0.html?messageID=3333619#3333619