Tumblr releases emergency update to fix password-sniffing bug
Tumblr has released an emergency update for its iOS app to fix a bug that allowed people to sniff out passwords. Tumblr was notified of the security vulnerability today. The company says that if you have been using its iOS apps, you should also update your Tumblr password and your password on any sites where you use the same password. From the company's blog:
Important security update for iPhone/iPad users
We have just released a very important security update for our iPhone and iPad apps addressing an issue that allowed passwords to be compromised in certain circumstances¹. Please download the update now.
If you've been using these apps, you should also update your password on Tumblr and anywhere else you may have been using the same password. It's also good practice to use different passwords across different services by using an app like 1Password or LastPass.
Please know that we take your security very seriously and are tremendously sorry for this lapse and inconvenience.
¹ "Sniffed" in transit on certain versions of the app
Tumblr can be downloaded from the App Store here. By downloading the latest version you will have closed the password security hole.
Subscribe to Newsletter
Software Updatesmore updates
- Dropbox adds file/folder renaming and Office document editing to iOS app
- Vizzywig 8xHD price tag now a very affordable $49.99
- Automatic targets teen drivers with License+ service
- Dropbox adds support for TouchID
- YouTube for iOS gets updated with full support for iPhone 6 and 6 Plus
- iOS 8.0.1 update now available (Updated -- Don't update!)