IE security patch nixes some apps
Microsoft last week announced that a modification to its IE browser would stop the insecure practice of including sensitive information in links. The update, which was released Monday, had some Web site programmers up in arms Wednesday due to complaints from Web users that they could no longer log in to sites that secure entry through credentials included in the URL.
"Microsoft may have legitimate reasons for addressing the issue, but the way they addressed it--an across-the-board kill of an industry standard--is troublesome," said James Rosko, a software engineer for a data-processing service on the Web. He and other programmers spent Tuesday night making changes to the programs that process login requests for his company's Web site, which he requested not be named.
By Robert Lemos at CNET.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.