All the latest UK technology news, reviews and analysis
|
|
|
22 Feb 2007
Security researchers at Watchfire have uncovered a vulnerability in Google Desktop that could allow an attacker to steal confidential information and take control of a system.
Google has released an update for the software to patch the vulnerability, which relies on cross-site scripting techniques.
An attacker could exploit the flaw through a specially crafted web link containing JavaScript code.
When a user clicks on the link, the code is executed by the Google Desktop application, which then allows the attacker to perform searches on the infected computer.
This could lead to exposed passwords, social security numbers or other confidential information.
The vulnerability is caused by the fact that Google Desktop is linked to the Google.com service.
Watchfire also warned that current antivirus software does not protect against such attacks.
Online application security is a hot topic in the security industry. Acunetix released a study last week in which it claimed that corporate websites contain an average of 66 security vulnerabilities in their online applications.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Support Engineer - Cisco - LINUX - ISP - NOC - £30-40k...
Netapp Storage Engineer - NCDA - NCIE - Unix/ Linux Skills...
Cisco ISP Pre-sales consultant - CCNA - CCNP - CCIE...
Netapp Storage Engineer - NCDA - NCIE - Unix/ Linux Skills...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?