Google on Thursday fixed a security flaw in its Web search service that could have allowed malicious hackers to modify its pages.
According to a report posted to the Bugtraq Security Focus list on Wednesday, Google's new Desktop Search tool did not prevent a hacker from inserting JavaScript, a programming language, into the Web address of its page image, or logo. That vulnerability could have allowed any rogue third party to change the appearance of Google's Web page to ask for personal data such as credit card numbers from its visitors, what's known as a phishing scam, according to the warning.
Mountain View, Calif.-based Google said it has fixed the problem.
"Google was recently alerted to a potential security vulnerability affecting users of our Web site," a company representative said. "We have since fixed this vulnerability, and all current and future Google.com users are protected."
Official Story Here
Linear Mode
