light bulb

Did You Know?



Reply
Highlighted
Posts: 10,522
Topics: 7,167
Kudos: 17,487
Registered: ‎06-12-2013

Facebook SDK flaw exposes smartphone users’ accounts at risk

[ Edited ]

By paganinip on July 5th, 2014

 

Facebook SDK

Experts from MetaIntell have discovered a critical vulnerability in the latest version of Facebook SDK which exposes millions of Facebook accounts at risk.

Security experts from MetaIntell have discovered a significant security vulnerability in the latest version of Facebook SDK, which affects numerous iOS and Android apps exposing millions of Facebook user’s Authentication Tokens at risk. The researchers dubbed the vulnerability “Social Login Session Hijacking,”, it could be used by an attacker to access victim’s Facebook account information using access token and session hijacking method.
MetaIntell, the leader in intelligent led Mobile Risk Management (MRM), announced today that it has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user’s Facebook account using a session hijacking method that leverages the Facebook Access Token (FAT).” reports MetaIntell in the blog post.
 

Community Expert Advisor

Posts: 10,514
Topics: 99
Kudos: 13,504
Registered: ‎11-27-2013

Re: Facebook SDK flaw exposes smartphone users’ accounts at risk

Well Jasper nice to know...My IOS had an update to Facebook last night! Haven't checked my Android yet...

Thanks for the report! Smiley Happy

Kind Regards,

Sherry

SigGVIP.pngSigEPA.pngambassadorsig.png
Helpful Webroot Links:
Download (PC) | Download (Best Buy Subscription) | Submit Trouble Ticket | Account Console | User_Guides | BrightCloud URL lookup

Register
and Introduce yourself to The Community!

ALIENWARE 17R3 Win 10 Pro x64 / Mac OS X El Capitan (10.11), IPad's, PCs,W 10 & W 8.1 R Pro. W 7 Pro ..Lenovo (VM:W7,8.1,10) & Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Note 4) Beta Tester