Spacer Sidebar Directory Map

The Training Book, the handbook for trainers

The Training Book, the handbook for trainers

 

ITrain - International Association of Information Technology Trainers Want My Password?
Microsoft blows security again

ITINFO Sponsor

ITrain - International Association of Information Technology Trainers

The professional association offering online resources to Information Technology trainers, including discounts on certified software learning guides. Membership open to individuals, training companies, and vendors of related products and services.

"An especially highly-recommended way to stay current [as a computer trainer] is to join ITrain, the International Association of Information Technology Trainers."
ComputerUser Magazine

"ITrain.org has been selected as one of the best educational resources on the web."
StudyWeb

member@itrain.org
ITrain

Internet Poll
Have you attended a seminar via e-learning?
yes
no

poll archive

Internet Explorer 5 Security Hole
by Dave Murphy
ISSN 1535-3613

Dave Murphy, DGL President & ITrain founder Microsoft Corp.'s Internet Explorer 5.0 browser exposes user names & passwords on password-protected ftpsites. Every time IE 5.0 users access such a site, their user name and password are automatically revealed.

For example, when a user clicks on a link to download a file, the specified username and password are transmitted in the clear (unencrypted, non-secure) and are displayed on the status line of the web browser.

Because many downloads may take from a few minutes to more than an hour, the username and password will be visible for an extended time.

Microsoft downplayed the vulnerability and said users are at risk only if an untrusted person is looking over their shoulder during the download; however, Microsoft has agreed to remedy this problem in a future release of their web browser.

What do you think about this security hole? Is it worth being concerned about? Leave your comments on the message center.

Microsoft Corp.
Message Center

Subscribe to ITINFO.
Receive computing and Internet news & tips
by subscribing to the ITINFO information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Damar Group, Ltd. helps business use technology.

ITINFO is again accepting sponsors. Sponsor messages are included in ITINFO's email newsletter and are permanently posted to DGL's website and online reference areas.

ITINFO is an electronic publication of Damar Group, Ltd., publisher of Training Express computer learning guides. Comments and submissions to info@dgl.com.

Previous issues are on our website at http://dgl.com/itinfo/.

updated August 11, 1999
http://dgl.com/itinfo/1999/it990811.html

Return to DGL homepage
Copyright © 1999, Damar Group, Ltd., All Rights Reserved