Slack, serious vulnerability fixed

Slack, serious vulnerability fixed
Slack users were unknowingly in serious danger, now thwarted by the bug bounty program carried out through the well-known HackerOne project.

Slack was vulnerable

With just $ 1750 investment, Slack was able to put aside a problem that could have been extremely serious both for the reputation of the software and for the safety of users who use it in the business environment. Collaboration on this platform was in fact dangerous when used through the desktop app, within which a serious vulnerability was identified that could have allowed remote code execution.

This becomes all the more so serious by virtue of the fact that it is a software for collaboration in an enterprise environment, which also puts sensitive data and intellectual property at risk. The risk, however, turned out to be a bullet fired with blanks: the bug was fixed before being enunciated and before revealing itself as a "zero day" that could have created serious embarrassments.

The technical details on the problem are now available on the dedicated HackerOne tab, but in fact the problem should be considered archived.

Source: Mashable

Powered by Blogger.