Security researchers with Watchfire have uncovered a vulnerability in the Google Desktop application that could allow an attacker to steal confidential information and potentially take over control of a system.
Google has released an update for its software that patches the vulnerability that relies on cross site scripting attack techniques.
The security vulnerability is sparked by the fact that Google Desktop is linked to the Google.com service. Current generation anti-virus software furthermore doesn't protect against these attacks, Watchfire cautioned.
Online applications security is a hot topic. Security firm Acunetix released a study in which it claimed that corporate websites on average suffer from 66 security vulnerabilities in their online applications.
Critical vulnerability surfaces on Google Desktop
By Tom Sanders on Feb 22, 2007 9:53AM