ZDNet
reported today that a security hole in Google toolbar
allows hackers to get into users' PCs, read their files
and run their codes on their machines.
According to GreyMagic Software, a flaw in the Google Toolbar version 1.1.58 and earlier allows an attacker to embed code in any Web page that fools the toolbar into executing the attacker's commands. These commands can include altering the toolbar's parameters, which allows the attacker to hijack searches, alter the appearance of the toolbar or uninstall it completely. It also, more dangerously, allows the attacker to execute code on the user's PC.
And how to prevent that? If you use Google toolbar, just
click on the little Google logo at the left corner of the
toolbar and select "About Google toolbar...". If the version
you are using is 1.1.58 or lower,
download the new toolbar.
You may want to poke around with your older toolbar and
check the holes before installing the new version,
there are some detail instructions on
GreyMagic.com.
The newer version of the toolbar has a neat auto-update feature
which secures users from being attacked through the possible future holes.
Content may be reused according to the terms of the OPL.
