A security flaw in Google's search appliances could expose Web sites that use the products to information-stealing phishing attacks, experts warned Monday. The Google Search Appliance and Google Mini are used by organizations including banks and universities to add search features to Web sites. A flaw in the way the systems handle certain characters makes it possible to craft a Web link that looks like it points to a trusted site, but when clicked serves up content from a third, potentially malicious site.
"This vulnerability affects a lot of very large Web sites," John Herron, a security expert who maintains the NIST.org site, said in an e-mail. "It basically allows a virtual defacement of a Web site when following a malicious link."
View: Full Story @ Reuters
"This vulnerability affects a lot of very large Web sites," John Herron, a security expert who maintains the NIST.org site, said in an e-mail. "It basically allows a virtual defacement of a Web site when following a malicious link."
View: Full Story @ Reuters
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.