A flaw that allowed Facebook users to view other members’ private photos has been quickly patched by the social networking giant. The bug which was discovered by members of the Bodybuilding.com forums allowed users to view photos which had been set to “private” via Facebook’s own abuse reporting tool. Despite the bug being identified and fixed, there is still a chance that many Facebook users have had their private photos seen by other Facebook users.
Here’s a quick run-down of the process involved before the fix:
- The Facebook member clicks the “Report” button on any profile that is not their own.
- They choose “Inappropriate Profile Photo” before clicking “Continue“.
- If the user checks “Nudity/Pornography” and proceeds, then they are invited to choose additional offending images.
- Facebook displays a selection of other photos – potentially including those set to “private” – that the user may choose to report as well.
Facebook claimed only a limited number of profiles were affected, though has refused to provide any numbers. According to a Facebook spokesperson, the issue arose in “one of our most recent code pushes” and has not been exploitable for very long.