The Register has posted an analysis which is about Google’s software. In particular, the report is about a flaw in Google’s desktop search program which can let an attacker remotely run almost any program in a user’s computer.

Over the past week, four security flaws has been reported on Google software.

Robert Hansen, who is a security researcher, has written a demonstration of how the flaw can be abused by an attacker.

The basic procedure is that while a user surfs at a cybercafe and performs a google search on the Google desktop, a MITM (man-in-the-middle) agent collects the info of what the user has searched. Then it shows two iframes. One follows the user’s cursor while the other links to a malicious website address.

Source: The Register