|
PureBytes Links
Trading Reference Links
|
Yeah, but there isn't any real solution yet. Disabling active
scripting, the only recommended MS solution at this time, will cause
many websites to fail or not work correctly. So instead, stick to
well-known sites and avoid those bin laden, etc. joke sites <g>.
--- In realtraders@xxxx, Mark Jurik <mark@xxxx> wrote:
> On November 8, Microsoft released a security bulletin
> warning that cookies in Internet Explorer 5.5 and 6.0 may be
> viewed or even changed by malicious hackers. See ...
>
> http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/bulletin/MS01-055.asp
>
> ( URL is all on one line )
>
>
> ---- SUMMARY -----
>
> Since some Web
> sites store personal information in cookies, hackers could
> use this vulnerability to obtain sensitive information such
> as user names, passwords and credit card numbers.
>
> This attack is limited in scope by the fact that the
> attacker must target a specific cookie.
>
> Although a patch is not yet available, Microsoft has
> supplied workarounds:
>
> For Internet Explorer 5.5 and 6.0, disable both
> Active Scripting and Scripting of JAVA applets.
> Unfortunately, many web sites require active scripting.
>
> For Outlook 2000:
> Applying this Outlook E-mail Security Update
> will protect you from HTML e-mails containing this exploit ...
>
> http://office.microsoft.com/downloads/2000/Out2ksec.aspx
>
> Regards,
> Mark Jurik
To unsubscribe from this group, send an email to:
realtraders-unsubscribe@xxxxxxxxxxxxxxx
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
|