Google fixes Gmail security flaw

Google has fixed a flaw in its Gmail web e-mail service that could have allowed remote attackers to compromise users’ e-mail accounts. The flaw came to light when a web blogger called “Anthony” highlighted the problem.

Google has fixed a flaw in its Gmail web e-mail service that could have allowed remote attackers to compromise users’ e-mail accounts. The flaw came to light when a web blogger called “Anthony” highlighted the problem.

The flaw allowed JavaScript code to be run when a user viewed a particular message in Gmail, potentially allowing malicious code to be used by an attacker to compromise a Gmail account.

The blogger is reportedly a 14-year-old schoolboy. He discovered the flaw after sending rogue code from his Yahoo web mail account to his Gmail account. His blog is hosted by the Google Blogger service.

Google said it fixed the flaw shortly after the blogger’s initial blog on the problem was posted. Google was not alerted to the flaw directly by the blogger and had to rely on the monitoring of its own blogging service.

It is not thought that the vulnerability was exploited by any remote attackers.


 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close