Security

Facebook Bug Exposes Private Chats

A bug allowed Facebook users to view their friends' chat sessions on the site, prompting the social-networking company to disable its internal instant-messaging service. The bug also let people see their friends' pending friend requests.

To exploit the now-patched hole, people had to manipulate "in a specific way" the site's feature that lets members preview how their profile looks to each of their friends, Facebook said Wednesday on its official corporate page on the site.

The vulnerability existed "for a limited amount of time," the company said. At press time, the chat function remains unavailable.

Technology news site TechCrunch first reported the bug and posted a video that demonstrates how the bug could be exploited.

Facebook didn't immediately respond to a request for comment.

The bug comes at a time when privacy concerns regarding Facebook have heated up, after the company recently introduced features that allow third-party Web sites to tap into users' profile data to personalize their experience for them.

Subscribe to the Security Watch Newsletter

Comments