Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
Updated 7:48pm
ALL VERSIONS OF TweetDeck have been taken down after a major security flaw was discovered.
The flaw, which allows attackers to execute javascript code remotely, resulted in a number of users seeing pop-up windows in both the Chrome and Windows version of Tweetdeck.
The security flaw involves XSS (cross-site scripting), a computer vulnerability mostly found in web applications which allows hackers to inject script into webpages to help them access user accounts and other sensitive data.
One instance of the bug caused one tweet, containing nothing but code, to be retweeted by other accounts.
When the flaw was discovered earlier today, Tweetdeck tweeted that the problem was fixed and asked users to log out and in again. However, it tweeted again saying it was taking down all versions of the service to assess the issue.
If you can still access Tweetdeck, it’s recommended you sign out of the service and deactivate it on Twitter.com. By going into settings and apps, you can revoke access of Tweetdeck as a precautionary measure.
[Update: 7:48pm]
The service tweeted another update to say the security issue has been fixed. Again, make sure to log out and log back in again to ensure the update has been made.
Originally published:
To embed this post, copy the code below on your site
What is tweet deck?
Tut tut. All inputs should be sanitised. Web App Dev 101.
It’s back! The issue has been resolved! Tweetdeck have just tweeted same.
All emanates from state-sponsored ‘tourists’ as Bush used to say and an over-reliance on technology.
Highly recommend a wonderful youtube video called Look Up.
have your say