Exposure of sensitive information in Internet Explorer
A vulnerability has been identified in Internet Explorer, which exposes sensitive information to "msn.com" and "alexa.com".
While this is a known "feature" when the "Show Related Links" option is activated in Internet Explorer, there is a bug, so that Internet Explorer will keep transmitting the information to "msn.com" and "alexa.com" after "Show Related Links" has been de-activated. This occurs whenever "Ctrl+R" is used to reload a page.
Mozilla has had a similar vulnerability and still ships with a sidebar panel that contacts Alexa without telling the user about Alexa's policies or anything like that.Comment by Henri Sivonen at June 13, 2003 01:07 PM | Permalink