Google Toolbar Vulnerable ! (CastleCops)

Google Toolbar, is one of the latest utilities able to permit a hack attack and allow intruders to deploy malicious applications. Aviv.Raffon has reportedly found a way to exploit a Google Toolbar vulnerability.

Google Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button. This can allow an attacker to convince the users that his button comes from a trusted domain. This button can then be used to download malicious files or conduct phishing attacks (e.g. show a login form of a bank).

Google has acknowledged this and are already working on a fix. Until a fixed version is provided, it is suggested that you avoid adding new buttons to the toolbar.

More at Source