Update 3: Twitter has issued a security fix and turned TweetDeck services back on for all of its users. “Sorry for any inconvenience,” it said in a tweet.
Update 2: The problem hasn’t been fixed, it would seem. Many users have logged out of TweetDeck and logged back in, but are still experiencing the problem. One particular exploit is causing tweets to be auto-retweeted by other TweetDeck users, while another apparently just rickrolls you.
Twitter has acknowledged the problem and, in response, taken down TweetDeck services temporarily. “We’ll update when services are back up,” it said.
Update 1: Twitter says the vulnerability has now been fixed. If you log out of TweetDeck and log back in again, the patch should be applied automatically.
If you’re using TweetDeck, we recommend revoking the platform’s access to your Twitter account immediately. A flurry of tweets has come through recently about an XSS vulnerability which, if the reports are accurate, could put users at risk.
XSS means Twitter isn’t stripping dangerous code from tweets, allowing JavaScript to run in the context of another user. This is bad.
— Chris Williams (@diodesign) June 11, 2014
We’ve reached out to Twitter to confirm the problem and whether they’re working on a patch. At this point, the extent of the problem isn’t clear – but it’s best to be on the safe side while we wait for more information.
Featured image credit: Andrew Burton/Getty Images