IE flaw lets intruders into Google Desktop

A security researcher in Israel has found a way to steal information from unwitting users of Google’s desktop search tool by exploiting an unpatched flaw in Microsoft’s ubiquitous Internet Explorer.

There is a bug in the way the Web browser processes CSS rules, Matan Gillon wrote in a description of his hack posted on Wednesday. CSS, or Cascading Style Sheets, is a method for setting common styles across multiple Web pages. The Web design technique is widely used on many sites across the Internet.

The proof-of-concept method is an example of how security flaws in software can offer all kinds of access to programs on vulnerable PCs, including to Google Desktop.

“This design flaw in IE allows an attacker to retrieve private user data or execute operations on the user’s behalf on remote domains,” Gillon wrote in his description of the attack method. He crafted a Web page that–when viewed in IE on a computer with Google Desktop installed–uses the search tool and returns results for the query “password.”

To exploit the flaw, an attacker has to lure a victim to a malicious Web page. “Thousands of Web sites can be exploited, and there isn’t a simple solution against this attack, at least until IE is fixed,” Gillon wrote.

Full story: CNET News.com

Conclusion

This software provides valuable functionality for users. Whether for personal or professional use, it delivers on its core promises. Regular updates and active development ensure continued relevance. User satisfaction and community support demonstrate its value.

Final Thoughts

Based on its features and performance, this software is worth considering. Evaluate your specific needs and whether this solution addresses them. Try it yourself to determine if it’s the right fit for your requirements.