Latest ‘cookiejacking’ vulnerability affects all versions of Internet Explorer

[hclarkjr]

http://www.winrumors.com/latest-coo...ty-affects-all-versions-of-internet-explorer/

 

[GaryJohnson]

Google took down the site detailing the vulnerability.

More detailed video presentation of it here:
http://www.youtube.com/watch?v=VsSkcnIFCxM

 

[pcunite]

This and any other vulnerability does not now and has never, and will never effect those using Windows XP SP3 or higher with LUA + SRP properly configured. Learn about it and enjoy proper computing.

Read:
http://www.mechbgon.com/srp/index.html

 

[Chiefcrowe]

crazy.. hope they are working on the patch soon!

 

[GaryJohnson]

This and any other vulnerability does not now and has never, and will never effect those using Windows XP SP3 or higher with LUA + SRP properly configured.

How would that protect you exactly from this specific vulnerability? IE is opening cookies it saved in your user directory.

 

[pcunite]

How would that protect you exactly from this specific vulnerability? IE is opening cookies it saved in your user directory.

My apologies as I answered this too soon, misreading the thread. SRP does not stop a program from working as intended ... ie scripting a web browser to read internet cookies ... the fix is a change in IE's behavior as this is not really a hack by itself.