Hacker could scan your hard drive and steal sensitive info.
Robert McMillan, IDG News Service
A bug in Microsoft's Internet Explorer browser gives phishers a way to
scan the hard drives of Google Desktop users, according to an Israeli
hacker. Because of a flaw in the way IE processes Web pages, a
malicious Web site could use the attack to steal sensitive information
like credit card numbers or passwords from the hard drives of its
"Google Desktop users who use IE are currently completely exposed,"
wrote hacker Matan Gillon in an e-mail interview. "An experienced
attacker can covertly harvest their hard drives for sensitive
information such as passwords and credit card numbers. Since Google
also indexes e-mails which can be read in the Web interface itself,
it's also possible to access them using this attack."
Gillon has posted an extensive description of how such an attack would
work, along with a proof of concept exploit, on his blog.
The IE bug concerns the way Microsoft's browser processes Web page
layout information using the CSS (Cascading Style Sheets) format. The
CSS format is widely used to give Web sites a consistent look and
feel, but attackers can take advantage of the way that IE processes
CSS to get Google Desktop to reveal sensitive information.
Hackers would first need to trick users into visiting a malicious Web
site for the attack to be successful, Gillon says. The attack works
with IE 6 and Google Desktop version 2, and may also work on other
versions of Microsoft's browser, but not on non-Microsoft browsers
like Firefox or Opera, he adds.
browsers, Gillon says. This can be done by disabling "Active
scripting language used by Web developers to make their sites more
Users need to be particularly wary of the Web sites they visit these
days, because of another unpatched IE vulnerability that could be used
to take over a user's PC. Hackers posted sample code that exploited
this problem over a week ago, and Microsoft said that hackers are
already using the code in attacks. As with the new CSS problem, users
must first be tricked into visiting a malicious Web site for this IE
bug to be exploited.
Some security experts believe that Microsoft is in the process of
rushing out a patch to fix this problem before these attacks become
more widespread. These attacks can also be avoided by disabling
Microsoft executives were unavailable to comment on the CSS bug, but a
spokeswoman for the company's public relations agency said the issue
is being investigated. Microsoft is not aware of any attacks resulting
from the hole, she said.
Copyright 2005 IDG News Service