Facebook yesterday stated it has repaired the vulnerability that permits a spamming bug to automatically send messages to users' profile earlier this week. The flaw was the instant in the past week that let hackers fill the service with messages encouraging scams. Last week, Facebook invalidated a dissimilar bug in its image upload service that let a spammer send thousands of undesirable wall messages. The freshest bug was discovered yesterday by researchers at a pair of antivirus sellers, Finland-based F-Secure and U.K.-based Sophos.

"A ingenious spammer has disclosed a Facebook vulnerability that admits for auto-repeating links," stated Sean Sullivan, an F-secure security researcher. "till today, typical Facebook spam has needed the use of about social masterminding to spread." Clicking on the link to the fake application automatically added the application to users' profiles, then mechanically send a status content with a new link to friends' profile, stated Sophos' Graham Cluley yesterday.