IE bug lets hackers phish with Google Desktop: "An Israeli hacker has demonstrated how a bug in Microsoft's Internet Explorer Web browser can be used to steal personal information from Google Desktop users.DECEMBER 02, 2005 (COMPUTERWORLD) - A bug in Microsoft Corp.'s Internet Explorer Web browser gives phishers a way to scan the hard drives of Google Desktop users, according to an Israeli hacker. Because of a flaw in the way Internet Explorer processes Web pages, a malicious Web site could use the attack to steal sensitive information such as credit card numbers or passwords from the hard drives of its visitors.
"Google Desktop users who use IE are currently completely exposed," hacker Matan Gillon said via e-mail. "An experienced attacker can covertly harvest their hard drives for sensitive information such as passwords and credit card numbers. Since Google also indexes e-mails which can be read in the Web interface itself, it's also possible to access them using this attack."