Helpero is a web site that helps every Internet user, from all over the world, solve any computer related problem. You can ask Helpero for free.
Helpero.com
 

advanced search
 
Ask Helpero
Home Home Home News News News Games Games Games How To How To How To Check this out Check this out Check this out
Helpero

Helpero

News - Google Desktop Security Hole Really Closed?
Helpero
Computers Helpero/Helpero Software Helpero/Helpero 21-02-2007 Helpero/Helpero 5.989 views

Google Desktop Security Hole Really Closed?

A potentially security hole in Google Desktop search product could have exposed personal files on user’s computers to hackers. Google fixed the problem in a couple of weeks after it was informed about it and says it has no evidence the vulnerability was exploited.

The flaw was discovered late last year by Watchfire, a security-analysis provider. While the vulnerability exists in about 80 percent of Web applications, this problem appeared more extreme "given the sensitive nature of what Google Desktop is doing", said Danny Allan, a researcher.

Google's free desktop product, first released in 2004, has millions of users and remains popular. The service offers a fast, easy way to find documents, e-mails, instant-messaging transcripts, archived Web pages, etc. A Google executive once described it as "the photographic memory of your computer."

The Watchfire researchers discovered that the setup was open to something known as a cross-site scripting attack, which lets an attacker place malicious code on a Google Desktop user's computer and the PC could be infected. The hacker would have had free access to use Google Desktop to search the victim's machine. Watchfire's founder and chief technical officer, Mike Weider, said the attack would have gone undetected by firewalls or antivirus software.

The security hole was reported to Google on January 4 and Google assured that on February 1 would have been fixed. Google spokesman Barry Schnitt said the desktop search software gets automatically updated, so users do not need to take any steps to protect themselves.

"There's a high potential for this to happen again", Weider said.
"We've added an additional layer of security checks to prevent the types of attacks pointed out by Watchfire and future possible attacks through this vector as well", Schnitt responded.

It is expected that we will see similar vulnerabilities, "as desktop software and the Internet get more connected." As a result  antivirus vendors should develop techniques for detecting and blocking such attacks.

You can download Google Desktop from here.

written by Cristian L.



Cristian L
Cristian L
Articles Editor
21th February 2007
digg Digg it delicious Del.icio.us
reddit Reddit stumble Stumble it
Rate this
Rate Rate Rate Rate Rate
3 ratings
Rate Rate Rate Rate Rate
3 ratings
 
Send to a friend Mail editor
Send to a friend Send to a friend
Add comment Add Comment
Update this Update this
 



Carl Smith says: 00:00 / 00 0000
I am using Google Desktop every day. I am afraid I have been exposed.Google dissapointede me with this flaw

Search

Related Software News
Go 24 Free Minutes from Skype
Go How to identify the source of pirated videos
Go Office in Windows Mobile 6

Top Rated News

Go Best 7 Must Have iPod Applications
Go Top 10 iTunes Add-Ons
Go UBUNTU vs. SUSE vs. FEDORA

Related Links

Links



Go Go to the Archive to see all the Helpero news

PayPal

Our answers are free, but we need 120$ every month to pay the server bills.

30$ Raised this month.


Home Helpero|Helpero Terms & Conditions Helpero|Helpero Contact
Copyright 2006 - 2008 Helpero.com