Facebook Fixing 'New Year's Midnight Delivery' Message Flaw


The social-networking company is "working on a fix for this issue now," it said in a statement.

A security flaw that had allowed Facebook users to view others "New Year's Midnight Delivery" messages is being fixed by the social-networking service, according to a statement from the company cited by multiple tech websites

The flaw was reportedly first pointed out by Jack Jenkins, who is described on a personal blog as a Business IT student. Facebook's "Midnight Delivery" is an app that can be installed that allows users to send a message to another person at midnight on New Year's eve. 

STORY: Facebook CEO Mark Zuckerberg Donates $500 Million to Charity

According to Jenkins, by manipulating the Facebook ID "at the end of the URL of a sent message on the FacebookStories site, you are able to view other peoples Happy New Year messages." 

Facebook became aware of the flaw and is currently fixing the problem. "[W]e are working on a fix for this issue now, and in the interim we have disabled this app on the Facebook Stories site to ensure that no messages can be accessed," read a statement  to The Verge

During this writing, the Facebook "Midnight Delivery" page alternated between displaying correctly and listing that it was "undergoing some maintenance."

From the Web

comments powered by Disqus