Early this week we told you about a cross-site request forgery (CSRF) flaw in GMail that would allow attackers to create a filter in your account — possibly forwarding copies of your mail to themselves. This morning I received an e-mail from a spokesperson at Google who said that the GMail team rolled out a patch last night which fixes the problem. “Google takes the security of our users’ information very seriously,†the e-mail says, “We worked quickly to address the recently reported vulnerability, and we rolled out a fix. We have not received any reports of this vulnerability being exploited.†Google says they haven’t heard of anyone being victimized, but it wouldn’t hurt to login and take a quick look at your filter just to be on the safe side. from http://blog.wired.com/monkeybites/2007/09/google-patches-.html