The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

IE flaw lets intruders into Google Desktop

A security researcher in Israel has found a way to steal information from unwitting users of Google's desktop search tool by exploiting an unpatched flaw in Microsoft's ubiquitous Internet Explorer.
2005-12-03 08:56 by

 

There is a bug in the way the Web browser processes CSS rules, Matan Gillon wrote in a description of his hack posted on Wednesday. CSS, or Cascading Style Sheets, is a method for setting common styles across multiple Web pages. The Web design technique is widely used on many sites across the Internet.

The proof-of-concept method is an example of how security flaws in software can offer all kinds of access to programs on vulnerable PCs, including to Google Desktop.

"This design flaw in IE allows an attacker to retrieve private user data or execute operations on the user's behalf on remote domains," Gillon wrote in his description of the attack method. He crafted a Web page that--when viewed in IE on a computer with Google Desktop installed--uses the search tool and returns results for the query "password."

http://news.com.com/IE+flaw+lets+intruders+into+Google+Desktop/2100-7349_3-5980623.html?part=rss&tag=5980623&subj=news

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About