A Second Google Desktop Vulnerability

Posted by kdawson on Saturday February 24, 2007 @08:47PM from the anti-anti-anti-DNS-pinning dept.

zakkie writes "According to InfoWorld, Google's Desktop indexing engine is vulnerable to an exploit (the second such flaw to be found) that could allow crackers to read files or execute code. By exploiting a cross-site scripting vulnerability on google.com, an attacker can grab all the data off a Google Desktop. Google is said to be investigating. A security researcher is quoted: 'The users really have very little ability to protect themselves against these attacks. It's very bad. Even the experts are afraid to click on each other's links anymore.'"

2 of 80 comments (clear)

Min score:

Reason:

Sort:

I'd RTFA but... by Joebert · 2007-02-24 20:54 · Score: 4, Funny

What's all the fuss about ?
I'd RTFA but I'm afraid of what will happen if I do.

--
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Re:Experts? by MillionthMonkey · 2007-02-24 21:52 · Score: 3, Funny

Seriously, how many "security experts" do you know running Windows?

Not me. *I* find my Windows XP SP2 vulnerabilities using a Commodore 64 and a Commodore 1541 disk drive with a VM in its controller.