Computer Crime Research Center


Another flaw in Microsoft Internet Explorer compromises Google

Date: December 05, 2005
Source: Washington Post
By: Brian Krebs

A security researcher has published information showing that a previously unknown design flaw in Microsoft's Internet Explorer could be used by malicious Web sites to steal sensitive information from IE users' computers.

Israeli hacker Matan Gillon says he's discovered that an unpatched security hole in IE could allow a Web site to see files on the visitor's computer that store data about the user's relationship with other Web sites.

In a detailed analysis published on his Web site, Gillon demonstrates how the hack could be leveraged to steal data on the victim's machine indexed by Google Desktop Search, a free program that allows users to quickly find a variety of files on their computers. The problem is not with Google's software, which contains several built-in security measures to ensure that data cached by its software cannot be read by anyone other than the user.

Gillon's research shows that if an IE user is already logged on to a Web-based service -- such as Gmail or Hotmail -- a malicious Web page could execute certain operations in the user's account, such as opening e-mails and relaying them back to the site's owner for remote viewing.

"This discovery has implications that go far beyond the Google trick," said Tom Liston, a senior analyst for Intelguardians, an information security consulting group in Washington. "Over the next few days I think we’re going to see a lot of people coming out and saying the Google Desktop thing was kinda cool, but that there are far more dangerous implications."

According to Gillon, the hack works because IE does not properly parse files written in cascading style sheets (CSS), a Web design language used by thousands of Internet sites.

The exploit demonstrated on Gillon's site works on a fully patched IE browser with default security and privacy settings. Gillon said other browsers, such as Firefox, are sufficiently locked down that the hack doesn't work on them.
