Geeks With Blogs


Agha Usman Ahmed JILAWATAN

Google has fixed a security hole in several of its services that exposed the address books of Gmail users, the company said Tuesday.

An attacker could create a malicious Web site that would copy all the entries in a Gmail user's address book, a potential treasure trove for spammers, according to a description of the problem on the "Googling Google" blog. The only condition is that the user would have to be logged in to Gmail or another Google service.

The issue came to light after Google watcher Haochi Chen probed a feature in Google Video over the weekend. The feature, called "Pick People to Email," lets users select contacts from their Gmail address book to send them a video. However, the feature also opened up the address book to others, Chen discovered.

Chen alerted Google over the holiday weekend. Heather Adkins, an information security manager at Google, confirmed Tuesday that the company heard about the Google Video issue and fixed it within hours. The search giant later learned that the same problem also impacted other services and resolved those issues within a day, she said.

For more information :

Posted on Wednesday, January 3, 2007 5:24 AM | Back to top

Comments on this post: Google plugs Gmail data leak flaw

# re: Google plugs Gmail data leak flaw
Requesting Gravatar...
You can't help but love any organization that's agile enough to fix important stuff like this overnight!
Left by Lorin Thwaits on Jan 03, 2007 10:07 AM

Your comment:
 (will show your gravatar)

Copyright © Agha Usman Ahmed | Powered by: