Cumulative Security Update for Internet Explorer (832894) -bad

[Thomas]

Am I the only one who things disabling a feature which is
part of the URL specification is a bad idea?
userassword@... is a feature many web-sites use. So why
does the internet explorer think it has to disable this
feature!@

 

[jlkj2]

because it's too easy for crooks, spammers, spyware foisters, etc. to use
this feature to obsfuscate the URL and fool unwitting users into thinking
they're visiting one site (say, microsoft.com for a security update?) when
they are, in fact, visiting a site that will put a trojan on their PC. It
has been a very widely abused feature.

yes, it might be problematic for some sites, but i think it's a good change.
They should've given more notice, though, at least 3 months.

 

[H Leboeuf]

Reasons explained here.
http://support.microsoft.com/?kbid=834489
-

Henri Leboeuf
Web page: http://www.generation.net/~hleboeuf/index.htm