BusinessWeek reports that Google Desktop had a major defect that could have potentially enabled hackers to view personal files on a computer with Google Desktop installed. The hole was plugged February 1st, a few weeks after it was discovered by Watchfire Corp. Google says it has no evidence the vulnerability was exploited.
Google Desktop was vulnerable to what security experts call a “cross-site scripting attack.” This vulnerability would potentially enable hackers to place malicious code on your personal computer. The hacker could then search all the files on the personal computer and possibly even take over the machine.