Windows Zero-Day Exploit has Google Desktop on Edge
December 30, 2005 by Jayvee Fernandez
Filed under Computers
Over the past year, the Google Desktop Search tool has taken a beating from press and business. The tool, which allows users to quickly search their desktop in Google-like simplicity for documents, files and other data has suffered under the stigma of privacy rights, proprietary information dissemination, etc.
Now they are being blamed, at least partially, for the wildfire spread of the Zero-Day Exploit. The exploit is actually a Windows problem that stems from Windows Metafile (WMF) image parsing and can be used, in it’s least damaging form, to install spyware on a persons computer. In it’s most malicious form, self-propagating worms and even keystroke loggers that could be used to steal credit card or social security information could be installed.
The flaw is exploited by parsing a WMF image, regardless of file extension and Google Desktop is being blamed as a culprit in the automatic parsing of images. More black eyes for Google.
Hat Tip: Sean Crawford via email
Comments
One Response to “Windows Zero-Day Exploit has Google Desktop on Edge”Trackbacks
Check out what others are saying about this post...[...] The recent WMF exploit that Microsoft has been taking a beating over the past few weeks will recieve a critical out-of-cycle patch today (MS06-001). Everyone running Windows MUST patch this vulnerability ASAP. Check Windows Update for the patch which will be released around 5pm Eastern today. [...]