News Google fixes security hole

Searchzilla plugs a potential phishing hole, according to this report from news.com:

Google on Thursday fixed a security flaw in its Web search service that could have allowed malicious hackers to modify its pages.

According to a report posted to the Bugtraq Security Focus list on Wednesday, Google's new Desktop Search tool did not prevent a hacker from inserting JavaScript, a programming language, into the Web address of its page image, or logo. That vulnerability could have allowed any rogue third party to change the appearance of Google's Web page to ask for personal data such as credit card numbers from its visitors, what's known as a phishing scam, according to the warning.

Mountain View, Calif.-based Google said it has fixed the problem.

More here