Google has fixed a flaw in its Gmail web e-mail service that could have allowed remote attackers to compromise users’ e-mail accounts. The flaw came to light when a web blogger called “Anthony” highlighted the problem.
The blogger is reportedly a 14-year-old schoolboy. He discovered the flaw after sending rogue code from his Yahoo web mail account to his Gmail account. His blog is hosted by the Google Blogger service.
Google said it fixed the flaw shortly after the blogger’s initial blog on the problem was posted. Google was not alerted to the flaw directly by the blogger and had to rely on the monitoring of its own blogging service.
It is not thought that the vulnerability was exploited by any remote attackers.