Google Spokesperson, Sonya Boralv, has told News.com that Google has just learned about and is looking into a possible flaw with Internet Explorer that lets unknowing users of both IE and Google Desktop to have information stolen from their database of content. The bug was first reported by Matan Gillon, a researcher in Israel.
A security expert quoted in the story said that the bug looks is an IE/MS issue and not one for Google.
From the article: "This design flaw in IE allows an attacker to retrieve private user data or execute operations on the user's behalf on remote domains," Gillon wrote in his description of the attack method. He crafted a Web page that--when viewed in IE on a computer with Google Desktop installed--uses the search tool and returns results for the query "password." To exploit the flaw, an attacker has to lure a victim to a malicious Web page. "Thousands of Web sites can be exploited, and there isn't a simple solution against this attack, at least until IE is fixed," Gillon wrote.
Microsoft is also investigating the issue.
More in the article: IE flaw lets intruders into Google Desktop.
Postscript from Google Spokesperson:
"Google takes the security of its users very seriously. We just learned of this issue and are looking into it."
Twitter Canada MD Kirstine Stewart to Keynote Toronto
ClickZ Live Toronto (May 14-16) is a new event addressing the rapidly changing landscape that digital marketers face. The agenda focuses on customer engagement and attaining maximum ROI through online marketing efforts across paid, owned & earned media. Register now and save!