Security hole found in Google desktop search

Infoworld talks about a security hole that Researchers at Rice University found in Google’s desktop search engine, that could allow third parties to access users’ search result summaries thus providing a sneak peek at part of the content of personal files. Google it seems has already fixed the issue at hand. To check make sure you are running the new version (number 121004, indicating Dec. 10 2004, or later).

To be affected, a user would have to visit a Web site where an attacker has embedded a particular Java applet. The applet makes certain network connections that trick Google Desktop into integrating a users local search results with results from an online search. When users visit the compromised site, the applet reads their local search result summaries and sends them back to the attackers server.

[Listening to: Love in an Elevator – Aerosmith – Pure Rock Moods [UK] (03:35)]

Published by

Amit Bahree

This blog is my personal blog and while it does reflect my experiences in my professional life, this is just my thoughts. Most of the entries are technical though sometimes they can vary from the wacky to even political – however that is quite rare. Quite often, I have been asked what’s up with the “gibberish” and the funny title of the blog? Some people even going the extra step to say that, this is a virus that infected their system (ahem) well. [:D] It actually is quite simple, and if you have still not figured out then check out this link – whats in a name?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.