Windows Secrets

Subscribers: Sign in

Enter your e-mail address to get a free subscription.
We guarantee your privacy
Skip to content
  • Home
  • Newsletter Archives
    • Current
    • LangaList Plus
    • Patch Watch
    • Wacky Web Week
    • Security Baseline
  • E-Books
  • Lounge
  • About us
    • Refunds
    • Privacy Policy
    • Advertise
  • Contact
  • Your Account
    • Upgrade
    • Preferences
    • Bonus Download
    • Unsubscribe
Home>PC Tune-Up>More vulnerabilities found in Internet Explorer

More vulnerabilities found in Internet Explorer
Tweet

Mark edwards By Mark Joseph Edwards

There are no patches for two recently discovered Internet Explorer 7 security bugs, but you can defend against them.

One of the exploits causes secure information to remain cached, and the other may make Javascript unsafe.

Internet Explorer might cache sensitive data

By default, Internet Explorer 7 doesn’t cache Web pages accessed via Secure Sockets Layer (SSL) connections. However, Bill Knox of MITRE discovered that, in some cases, IE 7 might indeed cache sensitive data transmitted via SSL that it should delete automatically when the page closes.

Microsoft is aware of the problem but has no patch available. We’ll probably see a patch for the SSL glitch from the company sooner or later.

In the meantime, the workaround cited on CERT’s page is to delete the browser cache. According to CERT, the cache in question resides in the following directory, where yourname is your user name:

yournameAppDataLocalMicrosoftWindowsTemporary Internet FilesLow

To delete the cache, follow these steps:

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

Related posts:

  1. Severe Internet Explorer SSL vulnerability
  2. Internet Explorer Patch Patch
  3. Internet Explorer still has holes left
  4. Internet Explorer has triple security threat
  5. More unpatched flaws in Internet Explorer
= Paid content

All Windows Secrets articles posted on 2008-05-15:

  • Introduction Steal our links — no, really, we mean it
  • Top Story Keep XP fresh until Windows 7 arrives
  • Wacky Web Week Windows rocks! The OS plays a Who classic
  • Best Software One online notetaker outshines the competition
  • PC Tune-Up More vulnerabilities found in Internet Explorer
  • Patch Watch XP Service Pack 3 crashes HP’s AMD-based PCs
  •  Show all articles on a single page
E-books

We’ve pored through years of back issues, picking the best tips, to create these ebooks:

E-book series
  • PC Maintenance Guide
  • PC Security Guide
  • Windows 7 Guide Vol 1
  • Windows 7 Guide Vol 2
  • Win XP Survival Guide
See the e-book series
Top-scoring articles in the past 12 months
  • Leaving long cookie trails throughout the Web 5.00
  • Windows-like security for Android devices 5.00
  • Win7′s no-reformat, nondestructive reinstall 4.53
  • The sorry tale of the (un)Secure Sockets Layer 4.42
  • RPV: Win7′s least-known data-protection system 4.33
  • Recovery: the last step in total data security 4.30
  • Time for a .NET update we can’t ignore 4.30
  • Getting the most from Windows Search — Part 1 4.25
  • Revising printing habits saves money and trees 4.25
  • Upgrades end in erratic, partial hangs 4.25
  • Pros and cons of a ‘keyfile’ password 4.21
  • Beating back Duku and a plethora of other threats 4.20
  • Office 2007 gets its final service pack 4.19
  • Putting Registry-/system-cleanup apps to the test 4.19
  • One year and 99 security bulletins later 4.18
  • 1.8TB external drive goes down hard 4.17
  • Don’t pay for software you don’t need — Part 3 4.16
  • Internet Explorer gets another round of patches 4.15
  • Is your free AV tool a ‘resource pig?’ 4.15
  • Vacation’s over; it’s a big round of patches 4.15
  • Remote access leads to remote attacks 4.15
  • Keeping you up to date: say no to .NET — again 4.14
  • Take control of Google’s privacy policy settings 4.14
  • Office File Validation patch leads to problems 4.14
  • The advanced system-recover toolkit 4.13
  • New “419″ scam involves PayPal and Western Union 4.12
  • Readers’ best personal-privacy tips 4.11
  • Getting the most from Windows Search — Part 2 4.11
  • Re-examining Dropbox and its alternatives 4.10
  • Easily edit Windows’ right-click context menus 4.09
Connect with us Follow us on Twitter Connect with us on Facebook View our RSS Feeds
  • Home|
  • Newsletter|
  • About Windows Secrets|
  • Advertise with us|
  • Unsubscribe|
  • Sitemap|
  • Affiliates|
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.
iNET Interactive Copyright © 2011 iNET Interactive.
All rights reserved.
Terms of Use  |  Privacy Policy
Internet Services
  • Web Hosting Talk
  • HostingCon
  • Hosting Catalog
  • Host Voice
Web Development
  • Hot Scripts
  • DB Forums
Digital Marketing
  • ABestWeb
  • Search Marketing Standard
  • PayPerClickUniverse
  • SEMCompare
Consumer Tech
  • Windows Secrets
  • Overclockers
  • Mac Forums

Learn more about
advertising opportunities across the iNET Interactive Network.

LiquidWeb