On his blog, Anthony, a 14-year-old programmer, announced a vulnerability in Gmail that could be exploited to execute malicious code when users open an email containing the exploit in their Gmail account.
Anthony discovered that the vulnerability could execute a snippet of JavaScript when he sent a line of code from a Yahoo email to a Gmail account. Surprisingly, upon opening this email, Gmail would execute the code as well. According to Anthony, hackers could exploit this security flaw to steal Gmail accounts or compromise these accounts in other ways.
After the information was reported, Google quickly tested and fixed the vulnerability within 24 hours. While the fix was implemented swiftly, one can imagine how dangerous it would be if a group of skilled crackers, adept at breaking security and programming, collaborated to attack “giants” like Google and exploit the email services these tech giants provide.
More information about this vulnerability can be found on Anthony’s blog or in Google’s response here.
THANH TRỰC
