Google have issued fixes for nasty cross site scripting vulnerabilities which allowed hackers to inject code into the user comment pages. IDG news service reported on this a short while ago.
“Comments were temporarily hidden by default within an hour [of discovering the problem], and we released a complete fix for the issue in about two hours. We’re continuing to study the vulnerability to help prevent similar issues in the future,” a Google spokesman said via e-mail.
Strangely enough the hackers seemed to have issues with teen pop star Justin Bieber who is due to appear on NBC TV for a celebration for the Fourth Of July. He is one of the most popular characters on YouTube so perhaps this was the reason, rather than some personal deep seeded dislike for the guy.
The Google representative also said that the attackers exploits would not have allowed them to access the Google accounts of YouTube visitors who stumbled across a hacked page. That said, he recommended that visitors log out of their Google accounts and log back in, just to be secure.
KitGuru says: A rather nasty little hack indeed, and we are glad to see Google sorting it out so quickly. Discuss in our forums.