Researcher: IE Flaw Allows Data Theft


Israeli hacker Matan Gillon says he's discovered that an unpatched security hole in IE could allow a Web site to see files on the visitor's computer that store data about the user's relationship with other Web sites. In a detailed analysis published on his Web site, Gillon demonstrates how the hack could be leveraged to steal data on the victim's machine indexed by Google Desktop Search, a free program that allows users to quickly find a variety of files on their computers.

The problem is not with Google's software, which contains several built-in security measures to ensure that data cached by its software cannot be read by anyone other than the user. Security Fix - Brian Krebs on Computer and Internet Security - (washingtonpost.com)

Linked by shanmuga Friday, 2nd December 2005 8:36PM