We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,780 News Articles

Google closes Gmail vulnerability

Flaw posed spam threat to Gmail users

Google has fixed a flaw that would have allowed websites to harvest information from Gmail contact lists, a problem that could have let spammers collect reams of new email addresses.

For an attack to work, a user would have to log into a Gmail account and then visit a website that incorporates JavaScript code designed to take contact information from Gmail.

Proof-of-concept code was publicly posted. The JavaScript code used a capability that Google used to integrate addressing with other services including its video download site and online office productivity suite.

Google appears to have fixed the problem within 30 hours of being notified, wrote Haochi Chen, a blogger who tracks the company on his blog. A Google spokeswoman in London confirmed on Tuesday morning the problem was fixed.


IDG UK Sites

Top 5 Android tips and tricks for smartphones and tablets

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

BBC using Glasgow 2014 Commonwealth Games to trial 4K/UHD, pan-around video, augmented video and...