Desktop for Windows Help

Nothing is more important to us than the security of the products we offer our users. So we'd like to thank Watchfire for discovering and reporting a cross-site scripting ("XSS") vulnerability that existed in Google Desktop. To our knowledge, no one was actually affected by this problem. The demonstrated exploit outlined a sophisticated, coordinated environment that also required a vulnerability to exist on Google.com or a subdomain of Google.com. After being notified of this issue, we worked quickly to develop a fix and pushed it live on February 1, 2007. That means if you've downloaded Google Desktop since then, it is likely you've already been updated to the latest, most secure build of Google Desktop. If you'd like to confirm that this update has been installed, go to your Google Desktop homepage and click the "About" link. Near the bottom of the page, you should see a line which reads "Google Desktop 5.0.0701.30540" (or higher). This is the latest version, which contains the security update. If you haven't been automatically updated yet, you can manually update to the latest build by simply downloading the newest version and installing over your existing version (a practice called "overinstalling"). You can overinstall with the most recent consumer edition of Google Desktop from http://desktop.google.com/index.html?rd=f You can overinstall the Enterprise edition of Google Desktop by downloading, saving, and running the installer on your computer from the following link: http://desktop.google.com/enterprise For information on the latest Google Desktop releases, please visit our Release Notes page at http://desktop.google.com/support/bin/answer.py?answer=58591