Google Website Optimizer User? Important Security Notice

Dec 8, 2010 - 8:02 am 1 by
Filed Under Misc Google

Yesterday, all Google Website Optimizer users should have received an important email from Google. The email talked about an exploit within Google Website Optimizer under certain conditions. I covered it at Search Engine Land but this is important, so I want to make sure I reach out through all my channels to make sure you see it.

The Google Website Optimizer blog has a post on it which sums it up.

Earlier this week we notified affected Website Optimizer users of a potential security issue with the Website Optimizer Control Script. If a website or browser has already been compromised by a separate attack, a hacker might also be able to execute malicious code by exploiting a bug in the Website Optimizer Control Script.

We have not seen any evidence indicating that sites using Website Optimizer have been targeted through this bug, but wanted to proactively reach out to site owners. While the probability of this attack is very low, we are urging Website Optimizer users to take action by updating their Control Scripts. We have taken action, so all new experiments created after December 3 are not susceptible.

Any experiments you are currently running need to be updated to fix the issue on your site. Additionally, if you have any Website Optimizer scripts from paused or stopped experiments created before December 3, you should remove or update that code as well.

There are two ways to update your code:

(1) Stop current experiments, remove the old scripts, and create a new experiment.

(2) Update the code on your site directly. We strongly recommend creating a new experiment as it is the simpler method.

Instructions for both methods are available here at the Website Optimizer Help Center.

We're committed to keeping Website Optimizer secure, and we will proactively work to prevent any future vulnerabilities.

It is important that if you use Google Website Optimizer, even if you missed the email due to spam issues, you review this notice from Google and take the necessary steps to protect your site and your visitors.

Forum discussion at Sphinn and Google Website Optimizer Help.

 

Popular Categories

The Pulse of the search community

Follow
Subscribe Options

Search Video Recaps

 
Google Core Update Flux, AdSense Ad Intent, California Link Tax & More - YouTube
Video Details More Videos Subscribe to Videos

Most Recent Articles

Search Forum Recap

Daily Search Forum Recap: April 25, 2024

Apr 25, 2024 - 4:00 pm
Google Updates

Google March Core Update Still Rolling Out & Heated SEO Chatter Continue

Apr 25, 2024 - 7:51 am
Google

Report: How Prabhakar Raghavan Killed Google Search

Apr 25, 2024 - 7:41 am
Google Search Engine Optimization

Google Favicon Documentation Adds Rel Attribute Value Definitions

Apr 25, 2024 - 7:31 am
Google Ads

Google Ads API Version 16.1 Now Available

Apr 25, 2024 - 7:21 am
Google Search Engine Optimization

Google: Splitting & Merging Sites Takes Longer Than Normal Site Migrations

Apr 25, 2024 - 7:11 am
Previous Story: Yahoo Car Spotted At Twitter's Office in 2009
Next Story: Google's AROUND(n) Search Operator

The content at the Search Engine Roundtable are the sole opinion of the authors and in no way reflect views of RustyBrick ®, Inc
Copyright © 1994-2024 RustyBrick ®, Inc. Web Development All Rights Reserved.
This work by Search Engine Roundtable is licensed under a Creative Commons Attribution 3.0 United States License. Creative Commons License and YouTube videos under YouTube's ToS.