Google issued several fixes at the beginning of February for a flaw that affected one of its most popular desktop applications called Desktop Search, but the problems are not over.
The flaw was discovered by security firm Watchfire and it could have allowed a hacker to access private information remotely and even take control of the entire system.
According to the three authors of the report, the vulnerability is the “outcome [of] both the integration between the Google.com Web site and Google Desktop, and Google Desktop's failure to properly encode output containing malicious or unexpected characters. Unlike traditional computer penetration attacks, there is no need for binary code to be injected.”
Source: http://www.playfuls.com/news_06306_G..._Possible.html
Source: 
Bookmarks