A new vulnerability in Google’s popular Gmail web based email service has been discovered.  The proof of concept vulnerability allows a malicious website to add a filter to any Gmail account and forward that to a third party site.

ArsTechnica is reporting that Petko Petkov discovered this flaw and produced a proof-of-concept exploit for it.  The exploit has been verified but has not been publicly released.

Things aren’t looking too good for Gmail right now, what with its interface losing what charm it had left, other competing services offering more or unlimited storage and more vulnerabilities appearing on a weekly or bi-weekly basis.

Petkov’s discovery would be the second vulnerability that was found this week.  As companies shift more applications to the web, security is going to become a concern and there is no doubt in my mind that more of these web only exploits will become more numerous and harmful.

I won’t stop using Gmail because of this and neither should you, just be aware of it should an “in the wild” exploit be made.

Related:

Entry was posted on Friday, September 28th, 2007 at 2:00 pm under Google.

Read more entries by Jonathan Schlaffer.
Stumble It!