The Washington, D.C., newspaper is among the few major news organizations to report that a flaw in the way that Google treats search queries may allow hackers to get to a wide range of websites that use a common query.
In a report Friday, the paper’s digital news team said that an attacker could hijack an email or phone call to gain access to the Web address that a Web server typically uses to look up web content.
“We know this vulnerability exists in Google, but it’s not yet clear how widespread it is, how easy it is to exploit, or how easy a hacker could exploit it,” the newspaper wrote in a report published Friday.
The Washington paper also noted that the vulnerability does not appear to affect any of the other major browsers, including Microsoft Internet Explorer and Mozilla Firefox.
“The fact that this flaw has not been publicly reported may make it difficult for Google to fix it,” The Washington Times’ Peter Kafka wrote in the paper.
“Google has made it clear it will not fix this vulnerability and will only patch it if a patch is released.”
Google said in a statement that the flaw has “never been exploited in a malicious manner and will be fixed soon.”
Google and other tech companies have made security updates available to all affected users, with a similar program being used in many major U.S. cities.
Google did not immediately respond to a request for comment Friday.