News

Internet Explorer "Cookie Jar" Vulnerability Discovered

A vulnerability has been found in Microsoft's Internet Explorer that exposes cookies used by many major Web sites to track user information and traffic, according to Peacefire.org.

The vulnerability involves typing a special URL into the browser that confuses it and makes it act as though it is reading the section of the site that initially distributed the cookie. Because cookies are stored as plain text files, the vulnerability could give a malicious user access to a person's vital information, credit card numbers, and passwords.

All versions of Internet Explorer for Windows 95, 98, and NT are known to be affected, while the Macintosh and Unix versions appear safe at this time. The vulnerability is not known to affect Netscape browsers.

Peacefire.org recommends disabling JavaScript functionality in Internet Explorer as the most effective workaround for this vulnerability. - Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

comments powered by Disqus
Most   Popular