Recently discovered Microsoft Internet Explorer security vulnerability allows hackers and phishers running specially constructed web sites to easily steal identity details, confidential data and other sensitive information like credit card numbers, various passwords and online banking account details from all users of Google Desktop. Matan Gillan, an Israeli hacker who has discovered this issue, says that the attacker can covertly search user hard drives for any kind of information he wants, read user e-mails and retrieve all the data he is interested in. As Matan Gillan writes on his blog, the attacker simply needs to lure a victim to visit an insecure web site. Then with the help of specific code exploiting Internet Explorer vulnerability, the attacker will quickly get unauthorized access to the victim’s information.
The situation is rather complicated in that Microsoft didn’t patch a dangerous vulnerability yet. The company’s spokeswoman said that the issue is being investigated and Microsoft is working on a fix. Google denied rumors that vulnerabilities were also found in Google Desktop Version 2 and said that the problem is caused only by Internet Explorer. Latest investigations show that all users of fully patched Internet Explorer 6 and Google Desktop Version 2 are in danger. Some users running prior Internet Explorer versions might also be affected. It is only the matter of time when first ID thefts will occur.