TIME Security

Stay Out of TweetDeck Until This Massive Security Flaw Is Fixed

If you're a Chrome user who uses the popular Twitter client you should avoid it — for now

The Chrome version of popular Twitter client TweetDeck for Chrome was affected by a potentially massive security flaw Wednesday, leaving users scrambling to prevent the problem from affecting their accounts.

The flaw allows JavaScript to be executed elsewhere in TweetDeck users’ browsers, resulting in un-wanted pop-ups and retweets as well as potentially creating avenues for hackers to grab sensitive data, like login information.

The problem was first brought to the world’s attention by security researchers and journalists Wednesday morning. TweetDeck issued a statement a few hours later saying the problem was fixed, but the problem continued for many users, possibly because the bug was spreading itself through automatic retweets from compromised accounts.

TweetDeck has since been taken offline so Twitter, which has owned TweetDeck since 2011, can “assess today’s earlier security issue.”

The best advice for TweetDeck for Chrome users right now is to completely avoid the app until Twitter provides more clarity about the problem. It would also be wise to reset your Twitter password and revoke TweetDeck’s access to your Twitter account and anything else to which it’s connected.

Alternatives to TweetDeck for Chrome include the desktop app, Twitter.com and the third-party HootSuite client.

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser
Follow

Get every new post delivered to your Inbox.

Join 46,510 other followers