Google Desktop Slams Door On IE Flaw
While users of Internet Explorer still have to be concerned about CSS exploits affecting a newly-discovered problem with the browser, Google Desktop is no longer open to attacks via that flaw.
Google made a change to its Desktop utility to prevent exploits affecting IE from grabbing data within the Desktop search function, NewsFactor reported.
Gartner Research vice president Neil MacDonald said in the article, “Even though Internet Explorer is the root cause of the vulnerability, Google’s changing its Desktop Search so that it was no longer remotely accessible though the vulnerability in IE was the responsible thing for Google to do.”
The vulnerability in IE affects how it handles CSS and can be triggered by visiting a malicious web site. Microsoft has been investigating the problem since it was unveiled by an Israeli researcher named Matan Gillon.
Sophos senior technology consultant Graham Cluley questioned Gillon’s motivations for publicly disclosing the flaw instead of contacting Microsoft or Google privately to work with them on the problem.
In the article, Cluley said, “Does the researcher think he has really contributed to the security of Internet users worldwide by going public with details of the problem when no fix is available? Or is this just a case of ‘Look at me! Aren’t I clever?'”
David Utter is a staff writer for WebProNews covering technology and business. Email him here.