After temporarily taking down its services to assess a security flaw, TweetDeck says it has now fixed the issue that plagued the app Wednesday morning.
An Australian teenage programmer, whose name is Florian, discovered early yesterday that ‘&hearts’ made a heart symbol in HTML and in turn created an opening in TweetDeck’s software. This allowed someone to inject computer program commands via a tweet, in other words a software bug.
He made ‘&hearts’ again, and again, until he made it create a pop-up on his own TweetDeck dashboard. He then announced the vulnerability discovered in TweetDeck before informing Twitter about the problem.
But it was too late. A hacker with the handle @derGeruhn had already attacked the vulnerability causing more than 40,000 users to automatically, involuntarily, retweet a cryptic line of code.
In response, Twitter shut down the application’s access to tweets for about an hour Wednesday while fixing the problem. When the site was taken down, TweetDeck tweeted, “We’ve temporarily taken TweetDeck services down to assess today’s earlier security issue. We’ll update when services are back up.”
Twitter initially told TweetDeck users to log out and log back in. When that proved ineffective, it shut down the application’s access to tweets. Twitter was still accessible through its website and through other applications.