Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

2020-09-22 06:18

A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others.

"Based on the sheer amount of data, it is safe to speculate that anyone who has made a Bing search with the mobile app while the server has been exposed is at risk," said WizCase's Chase Williams in a Monday post.

Some of the search terms comprised of predators looking for child porn and the websites they visited following the search as well as "Queries related to guns and interest in shootings, with search histories that included shopping for guns, and search terms like 'kill commies.'".

Aside from device and location details, the data also consisted of the exact time the search was performed using the mobile app, a partial list of the URLs the users visited from the search results, and three unique identifiers, such as ADID, "DeviceID", and "Devicehash."

"Whether it's searching for adult content, cheating on a significant other, extreme political views, or hundreds of embarrassing things people search for on Bing," the company said.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/YOjroGCn_8o/bing-search-hacking.html

#microsoft #server

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		373	51	1390	2835	168	4444

News URL

Related news

Related vendor