Watch out guys, it was earlier reported that a bug in the Google Toolbar could allow criminals to steal data or install malicious software on a particular system.

PC World reports:

The flaw lies in the mechanism Google Toolbar uses to add new buttons on the browser. Because the toolbar does not perform adequate checks when new buttons are being installed, a hacker could make his button appear as though it was being downloaded from a legitimate site when in fact it came from somewhere else. By spoofing the origin of the toolbar button, an attacker could download malicious files or launch a phishing attack against the victim, wrote security researcher Aviv Raff in a blog post on the issue.

Raff has posted proof of concept code, showing how such an attack would work with the Internet Explorer browser.

This error was fixed by Google just hours after Raff notified the company of the problem, but a demo of the flaw being exploited can be seen online.

• eBay and Google: Kiss and Makeup
• The Big Deal called Page Rank
• Google Takes World's Books Online
• SEO Prediction #1 - The use of google toolbar and google analytics data for ranking

1 Comment

• 

  By boris, December 26, 2007 @ 7:00 am

  This one can be labeled Thanks, but no thanks… Am I better off knowing this if it has been fixed?

Other Links to this Post

RSS feed for comments on this post. TrackBack URI

Leave a comment