[FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica]Though the New Years holiday was a long vacation for many, it was a long work weekend for those in Google's security operations. [/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica]Heather Adkins, information security manager at Google, said in a statement e-mailed to internetnews.com that over the holiday weekend Google was notified of a vulnerability that spanned multiple Google products.[/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica] [/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica]"We were first notified that this issue affected Google Video and fixed it within a few hours of receiving the report," Adkins stated. "We were then notified that the same issue affected other Google products. The problem with the other products was resolved within 24 hours of the second report. To our knowledge, no one exploited the vulnerability and no users were impacted."[/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica] [/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica]The vulnerability, if exploited, could have allowed Google users' Gmail contact lists and other information to be exposed to malicious attackers. Adkins noted that the vulnerability related to how Google uses certain JSON (JavaScript Object Notation) (define) object within some of its product code.[/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica] [/FONT][/SIZE][/FONT] [FONT=Arial,Helvetica][SIZE=-2][FONT=Arial, Helvetica]A flaw was reported and fixed over the weekend, and there are allegations in the wild that a new crop of security issues may still exist. Source: http://www.intranetjournal.com/articles/200701/ij_01_04_07a.html JFYI: Ruslan [/FONT][/SIZE][/FONT]
i am still actually digging here and there to find more information what exactly was wrong.. will post in case i figure out anything