Early this week we told you about a cross-site request forgery (CSRF) flaw in GMail that would allow attackers to create a filter in your account — possibly forwarding copies of your mail to themselves.
This morning I received an e-mail from a spokesperson at Google who said that the GMail team rolled out a patch last night which fixes the problem.
"Google takes the security of our users’ information very seriously,” the e-mail says, “We worked quickly to address the recently reported vulnerability, and we rolled out a fix. We have not received any reports of this vulnerability being exploited.”
Google says they haven’t heard of anyone being victimized, but it wouldn’t hurt to login and take a quick look at your filter just to be on the safe side.
No comments:
Post a Comment