Home page logo

webappsec logo WebApp Sec mailing list archives

RE: unable to access web site embeds username & password
From: "Michael Howard" <mikehow () microsoft com>
Date: Mon, 21 Jun 2004 12:22:47 -0700

I wrote about this in my blog in feb04


essentially, the change was made to mitigate one type of phishing attack

you can enable this "functionality" with a reg key


[Writing Secure Code 2nd Edition]
[Protect Your PC] http://www.microsoft.com/protect
[Blog] http://blogs.msdn.com/michael_howard
[Annual Security Training]

-----Original Message-----
From: OPTUSBYS [mailto:bysoo1 () optusnet com au] 
Sent: Thursday, June 17, 2004 4:32 AM
To: webappsec () securityfocus com
Subject: unable to access web site embeds username & password

Dear all,

I have discovered if I access my intranet that embeds the username and
password, it will not work on workstations have the latest Microsoft
security patches installed.

http://username:password () webserver/website

Does anyone have a solution to this because I still don't know which
security patch that inhibits the access. 

On the other hand, I don't really want to leave my workstations

Thanks for your contribution.

Much appreciated.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]