A Second Google Desktop Vulnerability

zakkie writes "According to InfoWorld, Google's Desktop indexing engine is vulnerable to an exploit (the second such flaw to be found) that could allow crackers to read files or execute code. By exploiting a cross-site scripting vulnerability on google.com, an attacker can grab all the data off a Google Desktop. Google is said to be investigating. A security researcher is quoted: 'The users really have very little ability to protect themselves against these attacks. It's very bad. Even the experts are afraid to click on each other's links anymore.'"

Google Desktop pre-loaded on Dells

[PoconoPCDoctor]

I noticed a while ago that Google Desktop was preloaded on the Dells we buy. These Dells can wind up in areas that might access patient information. Since this is a major research hospital/medical school, I brought my concerns to the security group (HIPAA laws mandate privacy for patient information). Dell/Google assured us that this was a non-issue.

The end result was that not much happened.

My take? I still uninstall it whenever I see it.