PureBytes Links
Trading Reference Links
|
On November 8, Microsoft released a security bulletin
warning that cookies in Internet Explorer 5.5 and 6.0 may be
viewed or even changed by malicious hackers. See ...
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-055.asp
( URL is all on one line )
---- SUMMARY -----
Since some Web
sites store personal information in cookies, hackers could
use this vulnerability to obtain sensitive information such
as user names, passwords and credit card numbers.
This attack is limited in scope by the fact that the
attacker must target a specific cookie.
Although a patch is not yet available, Microsoft has
supplied workarounds:
For Internet Explorer 5.5 and 6.0, disable both
Active Scripting and Scripting of JAVA applets.
Unfortunately, many web sites require active scripting.
For Outlook 2000:
Applying this Outlook E-mail Security Update
will protect you from HTML e-mails containing this exploit ...
http://office.microsoft.com/downloads/2000/Out2ksec.aspx
Regards,
Mark Jurik
|