How much mayhem did this vulnerability cause in that brief time? Thankfully, nothing hardcore – compromised accounts simply retweeted a few lines of code, setting off the same reaction in any account that was monitoring them at the time. Quite a few major accounts all over the world appear to have been hit, including our own humble Twitter handle. Our experience with it varied: it could be as simple as an annoying pop-up window saying “Yo!”, or a pop-up that appears and then causes your entire PC to crash.
After it was discovered, Twitter originally reported that this vulnerability was fixed by simply logging out and logging back in. However, a few minutes later TweetDeck services went down in order to properly assess the vulnerability. We are guessing this was because it was still active, since we got hit even after Twitter’s announcement.
It was just announced that the TweetDeck team has finished their assessment, which shows that the fix has worked and the app is back online. All’s well that ends well: kudos to the TweetDeck team for a swift response.