While Google was able to quickly patch the security vulnerability in their popular Desktop software, a risk still remains. The risk does not have to do with a vulnerability though, it has to do with the software itself. Just the idea of intermixing the Web and someone’s private hard drive together screams security risk. But then again, it all comes down to the balance of security and functionality; some will prefer security more, but others (probably more) will prefer functionality.

A security flaw found late last year in Google (Nasdaq: GOOG) Desktop was quickly patched, but the company that discovered it says the popular application’s mix of Web and private hard drive searches might still be risky.

Google Desktop, which uses Google search technology to scan PC hard drives as well as the Web, could be hacked by someone using a cross-scripting attack, according to a report issued by Watchfire, which discovered the hole last autumn.

A savvy hacker could surreptitiously achieve “not only remote, persistent access to sensitive data , but full system control as well,” warned Watchfire.[more]

Tags: Hackers, Malware, Privacy