Google fixes flaw in its beta desktop search tool

Forum Moderators: open

Message Too Old, No Replies

Google fixes flaw in its beta desktop search tool

vrtlw

4:46 am on Dec 21, 2004 (gmt 0)

[news.xinhuanet.com...]

Google fixed a flaw in its beta desktop search tool that could have given hackers access to users' local searches, officials said Monday.
The vulnerability, discovered and reported by three members of Rice University's computer science department, proved it was possible for a malware (define) writer to grab information from a Web page containing any desktop searches performed by a user infected with a JavaScript- or applet-based program.

DerekH

11:52 pm on Dec 21, 2004 (gmt 0)

performed by a user infected with a JavaScript- or applet-based program

What?
What on earth does that *mean*?

"Infected with a JavaScript program"?

Is someone now suggesting Javascript is a virus?
Or is someone now suggesting that if Javascript is on, it's an open door for attacks?

DerekH

webnewton

8:01 am on Dec 24, 2004 (gmt 0)

I'm still susepticle of google's desktop search!

paladin

1:44 am on Dec 28, 2004 (gmt 0)

I think they meant that the vulnerability is for pages with a JavaScript that mabye interacted with the Java applet.

To be affected, a user would have to visit a Web site where an attacker has embedded a particular Java applet.