by Yulia Lomanova | April 6, 2021 6:54 am
March has been quite a busy month for software developers and testers. Recent flaws in popular applications have allowed malicious users to send harassing messages that cannot be blocked, and hijack group chats. The video game cheating crisis has also reached new highs.
Here is a recap of the most talked-about software bugs this March.
The Slack Connect DM feature that allows sending invitations to one’s workspace became generally available just about a week ago, but it has already provoked a backlash after people started receiving abusive messages.
Before Slack’s changes, users could add a customized text within the invite. However, it soon became obvious that the feature could be used to send abuse and harassment. What’s more, since the invites are sent from a single email@example.com account, blocking them means all Connect DM invites would be marked as spam. The company has already disabled the option to send a message alongside an invite.
Our final thoughts on this incident are that usability testing remains of paramount importance, especially when it comes to “unusual” user scenarios. Even though the production team checks the product from head to toe, it is advisable to use an uninfluenced, third-party view of the software to foresee and prevent such undesired user behavior.
A newly discovered bug in Zoom’s screen sharing feature can leak private information to other meeting participants.
The feature allows showing an entire screen or particular applications. The issue lies in the fact that a second application, overlayed on top of an already shared one, can reveal its contents. Depending on the nature of the data, this can have serious consequences if meeting participants take advantage of the weakness by using a screen capture tool to record what is happening on the screen and extract the private information.
Given that malicious users would never miss an opportunity to exploit software weaknesses, thorough functional testing is the only way to protect product reputation.
Players are already discovering all sorts of bugs in Fortnite Season 6, and the recently detected unlimited health glitch has shaken the gaming community. If you wаnt to give this one а try for yourself, you’ll need to get а Slurp Mushroom, heаd over to а Port-а-Potty, get it done to low HP, eаt а mushroom, hop inside аnd then hаve your buddy breаk it for you. There is currently no word on whether this one will be fixed for the next updаte, but it could certаinly become аn issue in the future since this glitch doesn’t require аny difficult steps for plаyers to reproduce.
Game testing is a great opportunity not only to make sure your game mechanics are consistent and the gameplay is fun. It also helps to reduce the number of weak spots for cheating in video games.
When it comes to WordPress, which is one of the world’s leading open-source CMSs, bugs hit users hard on a global scale – over 7 million websites were affected through two popular WordPress plugins. The flaws were detected in Elementor, a website builder plugin, and WP Super Cache, a tool used to serve cached pages of a WordPress site. The bug involved a set of stored XSS vulnerabilities occurring when a malicious script was injected directly into a vulnerable web application.
This without a doubt is another proof that security testing is crucial if you do not want your product to cause panic among the users.
Netop, the company behind a popular software tool designed to let teachers remotely access student computers, has reported (and fixed) security bugs in its platform. The critical vulnerabilities could allow attackers to hijack school chats, deliver malware, determine the IP addresses of students, eavesdrop, and more.
Meeting the security requirements in an e-learning system is a complex problem as it is necessary to protect the content, services, and personal data. Cybersecurity can be ensured by conducting security testing according to the OWASP methodology.
Microsoft has launched a new bug bounty program for the Teams desktop client that offers $30,000 to security testers for reporting previously unknown vulnerabilities.
The program lists five specific scenarios:
Source URL: https://blog.qatestlab.com/2021/04/06/bugs-digest-march-2021/
Copyright ©2021 QATestLab Blog unless otherwise noted.