MS bug workaround: turn off scripting

Thomas Dowling tdowling at ohiolink.edu
Fri Oct 1 10:09:57 EDT 1999


There's [yet another] security bug being reported in Internet Explorer 5:
details at http://www.microsoft.com/security/bulletins/ms99-040.asp  The
gist of it is that an unscrupulous web page could read specific files on
your hard drive.

What conceivably could have the biggest impact is Microsoft's currently
recommended work around: turn off active scripting in IE5.  It leads me to
suppose that whatever unknown percentage of users surfing without
client-side scripting is likely to rise.  After all, if people turn it off
now, something specific is going to have to convince them to turn it back
on.  Caveat webmaster.

[If I were feeling really cynical, I'd point out that the page on which MS
recommends disabling scripting includes about 50 lines of textual content
and over 500 lines of Javascript code consisting of no less than seven
embedded scripts and src pointers to three more .js files.]


Thomas Dowling
OhioLINK - Ohio Library and Information Network
tdowling at ohiolink.edu




More information about the Web4lib mailing list