• On CBSSports.com: Hottie Hall of Fame - Milano vs. Shue
advertisementFree Phone + Bluetooth @T-Mobile.com

December 6, 2005 4:56 PM PST

Google Desktop tweaked to block attackers

By Joris Evers
Staff Writer, CNET News

Related Stories

IE flaw lets intruders into Google Desktop

 December 2, 2005

Google touts new features in desktop tool

 November 3, 2005
Google has made an adjustment to its desktop search tool to foil attacks that take advantage of an unpatched vulnerability in Microsoft's ubiquitous Internet Explorer Web browser.

The IE bug was disclosed late last week by Matan Gillon, a security researcher in Israel. He found a way to steal information from unwitting Google Desktop users by exploiting the Web browser flaw.

"We did make an adjustment to the product to help protect users," Google representative Sonya Boralv said Tuesday. "We made the adjustment on our end. Users don't need to download a patch or take any action."

The bug in IE allows an attacker to retrieve private user data or execute operations on the user's behalf from remote domains, Gillon wrote in his description of the attack method. He crafted a Web page which, when viewed in IE on a computer with Google Desktop installed, used the search tool and returned results for the query "password."

A test of the proof-of-concept page created by Gillon confirmed on Tuesday that the attack no longer works.

Microsoft on Friday said it was investigating the IE bug. The company has said it might issue a security update or an advisory on the problem.

See more CNET content tagged:
Google Desktop, adjustment, attacker, Microsoft Internet Explorer, Google Inc.

Powered by Jive Software
advertisement

Latest tech news headlines

Resource center from News.com sponsors
You Need The Speed of Norton 2009
Introducing Norton Internet Security™2009

Click Here!
With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

Click Here!
The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Best hybrid cars
Cell phones
Dell
GPS
CNET sites
CNET TV
Downloads
News
Reviews
Shopper.com
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET