Earlier today, a major hack revealed a security flaw in Twitter’s popular TweetDeck app. Hackers reportedly discovered a “cross-site scripting” (XSS) vulnerability in the system, forcing the company to take all of its TweetDeck apps down for a short time. Twitter says that the error has since been fixed and access to the TweetDeck apps is back to normal.
As soon as the problem was discovered, Twitter issued an update that was supposed to patch the issue. Less than an hour later, when it became apparent that the fix had failed, the micro-blogging site quickly removed all the TweetDeck apps. The service was down for almost an hour before Twitter could confirm that the bug had been fixed. Access was quickly restored.
We’ve verified our security fix and have turned TweetDeck services back on for all users. Sorry for any inconvenience.
— TweetDeck (@TweetDeck) June 11, 2014
The TweetDeck app, which is available on Android, iOS, Chrome, and Mac is very popular with power Twitter users, who like to have more control over which tweets they see at any given time. TweetDeck lets users organize tweets as they please, a service used daily by those who follow thousands of accounts.
Twitter was forced to shut down the service on Wednesday because the vulnerability was massive and in danger of spreading like fire. The flaw let hackers enter computer code in tweets, which would then appear in TweetDeck and run nefarious actions or simply retweet other accounts to spread the bug. Before the service was shut down and the bug patched, TweetDeck users kept receiving random messages, presumably from hackers exploiting the bug.