informa

Vulnerability Found in Google Desktop

Watchfire announced its security researchers have discovered a vulnerability in Google Desktop

WALTHAM, Mass. -- Web application security leader Watchfire, today announced its security researchers have discovered a vulnerability in Google Desktop which could enable a malicious individual to achieve not only remote, persistent access to sensitive data, but in some conditions full system control.

Watchfire’s security researchers have uncovered a new attack methodology that clearly emphasizes the danger of integration between desktop applications and Web based applications as an aperture for a malicious attacker to escalate his/her privileges by crossing from the Web environment to the desktop application environment. This outcome is the combined result of the integration between the Google.com Web site and Google Desktop, and Google Desktop's failure to properly encode output containing malicious or unexpected characters.

Watchfire Corp.

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading