There is a major security flaw in the social networking site Facebook, that, with just a few mouse clicks, enables any user to view the live chats of their ‘friends’.
Using what sounds like a simple trick, a user can also access their friends’ latest pending friend-requests and which friends they share in common.
Facebook sent TechCrunch this statement.
For a limited period of time, a bug permitted some users’ chat messages and pending friend requests to be made visible to their friends by manipulating the “preview my profile” feature of Facebook privacy settings.
When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function. We also pushed out a fix to take care of the visible friend requests which is now complete.
Chat will be turned back on across the site shortly. We worked quickly to resolve this matter, ensuring that once the bug was reported to us, a solution was quickly found and implemented.
A terrible embarrassment for Facebook !
Thanks Robert aka StrayCat.
