Re: YANDEX cookie
- From: "cquirke (MVP Windows shell/user)" <cquirkenews@xxxxxxxxxxxxxxx>
- Date: Wed, 11 Jan 2006 11:30:15 +0200
On Mon, 9 Jan 2006 19:03:53 -0500, "Tom Leylan"
>"Fitz" <SENDNOMAIL@xxxxxxxxxxxxxxxxxx> wrote...
>> A cookie, in and by itself, is a text file and won't harm your computer
>> although they can be used to track your surfing habits..
That should be true, but is not. By DESIGN, a cookie can contain HTML
and scripts, and these scripts can be run.
This came to light when a bug was found, whereby a script dropped by
an Internet web site could be run in local HD "My Computer" security
zone, rather than in Internet security zone.
The patch fixed the bug by either forcing Internet Zone context on
such cookies, or maintaining the actual zone the script-in-cookie was
dropped from. The difference is material, if (say) you allow
Restricted Zone to drop cookies but didn't intend to run scripts.
>---------- ----- ---- --- -- - - - -
Don't pay malware vendors - boycott Sony
>---------- ----- ---- --- -- - - - -
.
- References:
- YANDEX cookie
- From: Tom Leylan
- Re: YANDEX cookie
- From: Tom Leylan
- Re: YANDEX cookie
- From: Tom Leylan
- Re: YANDEX cookie
- From: Malke
- Re: YANDEX cookie
- From: Tom Leylan
- Re: YANDEX cookie
- From: Tom Leylan
- YANDEX cookie
- Prev by Date: Re: Ms06-003
- Next by Date: Re: Do I have TOO MANY antivirus, antispyware, etc
- Previous by thread: Re: YANDEX cookie
- Next by thread: Re: YANDEX cookie
- Index(es):
Relevant Pages
|
