light bulb

Did You Know?

Posts: 14,750
Topics: 10,199
Kudos: 32,864
Registered: ‎06-12-2013

Facebook SDK flaw exposes smartphone users’ accounts at risk

[ Edited ]

By paganinip on July 5th, 2014


Facebook SDK

Experts from MetaIntell have discovered a critical vulnerability in the latest version of Facebook SDK which exposes millions of Facebook accounts at risk.

Security experts from MetaIntell have discovered a significant security vulnerability in the latest version of Facebook SDK, which affects numerous iOS and Android apps exposing millions of Facebook user’s Authentication Tokens at risk. The researchers dubbed the vulnerability “Social Login Session Hijacking,”, it could be used by an attacker to access victim’s Facebook account information using access token and session hijacking method.
MetaIntell, the leader in intelligent led Mobile Risk Management (MRM), announced today that it has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user’s Facebook account using a session hijacking method that leverages the Facebook Access Token (FAT).” reports MetaIntell in the blog post.

Sr. Community Expert Advisor

Posts: 13,405
Topics: 107
Kudos: 22,496
Registered: ‎11-27-2013

Re: Facebook SDK flaw exposes smartphone users’ accounts at risk

Well Jasper nice to know...My IOS had an update to Facebook last night! Haven't checked my Android yet...

Thanks for the report! Smiley Happy

Kind Regards,


original.png Microsoft® Windows Insider MVP - Windows Security

Helpful Webroot Links:

Download (PC) | Download (Best Buy Subscription) | Submit Trouble Ticket | Account Console | User_Guides | BrightCloud URL lookup

and Introduce yourself to The Community!

ALIENWARE 17R4 Win 10 Pro x64 / Mac OS X El Capitan (10.11.6), IPad's, PCs,W 10 & W 8.1 R Pro. W 7 Pro ..Lenovo (VM:10) & Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Note 4) Beta Tester,Windows Insider Builds