Google Toolbar Flaw Intensifies Online Risks
Filed in archive google by noel on December 19, 2007

could allow criminals to steal data or install malicious software on a particular system. PC World reports:
The flaw lies in the mechanism Google Toolbar uses to add new buttons on the browser. Because the toolbar does not perform adequate checks when new buttons are being installed, a hacker could make his button appear as though it was being downloaded from a legitimate site when in fact it came from somewhere else. By spoofing the origin of the toolbar button, an attacker could download malicious files or launch a phishing attack against the victim, wrote security researcher Aviv Raff in a blog post on the issue.
Raff has posted proof of concept code, showing how such an attack would work with the Internet Explorer browser.
This error was fixed by Google just hours after Raff notified the company of the problem, but a demo of the flaw being exploited can be seen online.
Permalink: Google Toolbar Flaw Intensifies Online Risks
Tags:
Google+Toolbar
Google
Internet+Explorer
google
search
search+engine
google+toolbar
flaw+intensifies
Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/107466

Mr Wong
