IE Flaw Puts Google Desktop at Risk
December 3, 2005 Leave a comment
Alert for Google Desktop users who are using Internet Explorer.
The security hole involves a problem with the way IE imports cascading style sheets (CSS) from other Web sites, a technique referred to as cross site scripting (XSS). IE will import any type of file with a bracket, regardless of whether or not it’s valid CSS.
By combining the flaw with Google’s Desktop Search, a malicious Web site could read personal data off a visitor’s machine.More info here