A widget based on Adobe’s Flash Player was disabled by Twitter after a
security analyst notified the company of a weakness permitting access into
targeted user accounts.
Mike Bailey, senior security analyst at Foreground Security, revealed the
weak spot in the Flash-based widget without providing details of the Twitter
exploit publicly. He is scheduled to give a presentation on vulnerabilities in
Adobe’s Flash Player, including the one afflicting Twitter’s widget, during the
Black Hat 2010 security conference in early February.
No user accounts at Twitter were known to be affected though Bailey suggested
that if the flaw was exploited by hackers it was "impossible to know".