Recently, Shao et al. proposed two bidirectional proxy re-signature schemes S(subscript mb) and S(subscript id-mb) [3]. In their paper, the authors gave security proofs to say that both of them are secure in their security model without random oracles. But, we found that the scheme S(subscript mb) is miss leaded and its security proof is false. In this paper, we present an attack on S(subscript mb) and improve it to be secure in their security model.