Date:         Sat, 17 Nov 2001 20:13:07 -0500
Sender:       The Internet TourBus - A virtual tour of cyberspace
Comments:     Resent-From:
Comments:     Originally-From: Patrick Douglas Crispen

From:         Patrick Douglas Crispen 
Subject:      TOURBUS -- 17 NOV 01 -- IE COOKIE PATCH FOR THE PC
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
               TOURBUS Volume 7, Number 33 -- 17 Nov 2001
     _________ ____________ ________ __________ _____________ ___ _
    /         |            /        |          |             /   | \
   |            READY TO START YOUR HOLIDAY SHOPPING?       /    |  \
   |__________|__________/__________|__________|___________/_____|   \
  /                                                              |----\
|  Let help you save money!  Hundreds of   |////|
|  coupons for over 100 of the top Online Stores.  Keep track   |////|
|  of current online sales in one convenient place.  And don't  |////|
|  miss our newsletters for Bargain hunters: Daily, Weekly,     |////|
|  or Hot Alerts.  Check out some Amazing Bargains now!         |////|
|                                                               |////|
|  CLICK!  |////|
       /   \  /   \                                             /   \
       \___/  \___/  T h e   I n t e r n e t   T o u r B u s    \___/
       SIX YEARS of Searchable Archives at !!
    IE Cookie Patch for the PC
    Yep.  We've got some.
Howdy, y'all, and greetings from beautiful Irvine, California, a papal
chapel in the Vatican Palace that was erected between 1473 and 1481 by
the architect Giovanni dei Dolci for Pope Sixtus IV.  :P
People magazine released its annual "Sexiest Man Alive" issue, and for
some odd reason they chose Pierce "Bond, James Bond" Brosnan instead
of *me*.  I don't get it.  What does Brosnan have that *I* don't have?
For those of you who answered "a job," I'll have you know that your
fearless bus driver has submitted resumes to the Orange County
branches of Canon, LeadingWay Knowledge Systems, Rand, Ricoh,
Washington Mutual, and ZC Sterling, among others.
And besides, even if I am not People Magazine's sexiest man alive, at
least I still have a shot at winning this year's Heisman Trophy.  :P
TOURBUS is made possible by the kind support of our sponsors.  PLEASE
take a moment to thank each of our sponsors for keeping our little bus
of Internet happiness on the road week after week.
+------------ *FREE* *FREE* *FREE*  INKJET CARTRIDGES! ------------+
   Buy 1, Get 1 FREE on all cartridges for your Epson, Canon, HP, or
   Lexmark printer!  100% Guaranteed Quality - Secure Ordering - Fast
   Service!  Free shipping on orders over $25!  Call 1-877-290-0687
   or visit our web site and check out all our new low prices!
+-----------------------  XPerience LINUX!  ------------------------+
   Learn Linux now with Bob Rankin's NO B.S. GUIDE TO LINUX.  The
   FREE CD with this book has Red Hat Linux, tons of freeware, Apache
   web server and cool Linux games.  You'll find valuable new job
   skills in 350 plain English pages -- no geekspeak or technobabble.
   NEWYORK NEWSDAY says: "The most accessible guide to getting started
   with Linux... Covers basic knowhow in a lighthearted style."  Cover
   price is $34.95 but TOURBUS readers get a 20% discount.  Order your
   copy today and get delivery anywhere in the world. Learn more about
   the book, read sample chapters, order online and save $7 now!
On with the show ...
Cookie Security Hole
Last week I showed you a Microsoft security bulletin warning that
      A vulnerability exists because it is possible to craft a URL that
      can allow sites to gain unauthorized access to user's cookies and
      potentially modify the values contained in them.  Because some
      web sites store sensitive information in a user's cookies, it is
      also possible that personal information could be exposed.
This cookie vulnerability exists in versions of Internet Explorer 5.5
and 6.0 for the PC, and possibly in earlier versions of Internet
Explorer for the PC as well.  This vulnerability only affects Windows
users who also use Internet Explorer -- in other words, it does *NOT*
affect Mac or Linux users, or PC users who use Netscape instead of IE.
Last week I also promised to give you the URL and installation
directions for Microsoft's patch as soon as it is available.
Well, it's available.  You can find the patch for PC versions of IE
5.5 and 6.0 at

Let's just hope this patch actually *WORKS*.  :)
On the "Security Update, November 12, 2001" page, choose your native
language (English, Spanish, Swedish Chef, etc.) from the pull-down
list and click on the grey "Go" button.  On the next page, click on
the "Security Update" link for your version of Internet Explorer.
If you don't know what version of IE you have, make sure you have
IE open and then go to Help --> About Internet Explorer.
The patch for IE 5.5 is 580 KB and should take just under three
minutes to download over a 28.8 modem (despite what Microsoft says).
The IE 6 patch is 448 KB and should take just over two minutes to
download over a 28.8 modem.
When you click on the "Security Update" link for your version of IE,
you'll be given the chance of either opening or saving the patch.  The
choice is up to you.  Remember, though, that if you save the patch to
your computer, you'll have to find that patch after it is downloaded
and then double-click on it for the patch to be applied.
Oh, and by the way, the patch requires you to restart your computer
after it is applied.  <*Grumble*>
What About *EARLIER* Versions of IE?
If you have an older version of Internet Explorer for the PC -- for
example, IE 5.0 or earlier -- you have a problem.  While the cookie
vulnerability may exist in early version of Internet Explorer for the
PC, Microsoft only supports Internet Explorer 5.5 and later.
No patch is available for pre-IE 5.5 versions of Internet Explorer,
and no patch will *ever* be available.
Unfortunately, if you have a pre-IE 5.5 version of Internet Explorer,
this leaves you with only three options:
      1. Upgrade to IE 5.5 or later (and apply the patch);
      2. Go "kamikaze": ignore the cookie vulnerability and keep using
         your old, unpatched version of IE; or
      3. Switch to another browser altogether.
Personally, I'd recommend upgrading.  IE 6 works fine on both of my
computers -- a Win98 SE desktop and WinME laptop -- and is a *heck* of
a lot more stable than Netscape.  You can find out more about
upgrading to IE 6 at .
If you choose to switch browsers, both Netscape and Opera have new
versions available for download.  You can find out more about these
browsers and *MANY* others at .
Reactivating Active Scripting
Last week I also mentioned that a simple way for you to protect your
computer from Microsoft's cookie vulnerability was to temporarily
disable active scripting in Internet Explorer 5.5 or 6.0 until the
patch is available.
What, exactly, is "Active Scripting?"  D. Ian Hopper at CNN Interactive
answers that question the best:
      When Microsoft uses the term Active Scripting, they're talking
      about both JavaScript and VBScript, which stands for Visual Basic
      Script.  These languages provide interactivity and 'life' to Web
      sites, without which they would be about as passive as a printed
      JavaScript isn't just used as a gimmick, either.  It's used by
      almost all major sites -- including CNN Interactive -- for uses
      such as navigation, pop-up windows and e-commerce.  Disabling
      scripting would seriously cripple the site.
      JavaScript isn't confined to Internet Explorer 5 ... It's used in
      almost all modern browsers as well as across platforms.
      [Quote from]
So, while disabling active scripting was a good stop-gap measure until
Microsoft released its cookie vulnerability patch, now that the patch
is available it is pretty good idea to turn active scripting back on.
Here's how:
      1. Launch Internet Explorer.
      2. Go to Tools --> Internet Options.
      3. Click on the "Security" tab.
      4. Click on the "Custom Level..." button.
      5. Scroll all the way down to the "Scripting" section (the
         section is second from the bottom and its icon is a scroll in
         the shape of the letter "S").
      6. Under "Active Scripting," choose "Enable."
      7. Under "Scripting of Java applets," also choose "Enable."
      8. Click on the "OK" button.
      9. Click on the "OK" button again.
That should do it.
Two weeks ago I accidentally misspelled both "Abilene" and "Tucson."
I apologize.  (It was a *LONG* trip.)
Also, if you had problems accessing the page for the Norton
SystemWorks 2002 Edition offer, please try 
instead.  I've been a *HUGE* fan (and user of) Norton SystemWorks for
as long as I can remember, and I have never seen it priced this
That's it for today.  Have a safe and happy weekend, Happy
Thanksgiving to everyone in the states, and we'll talk again next
    IE Cookie Patch
    Yep.  We've got some.
HAHD(verb).  To conceal.
Usage: "Uh, oh.  Here comes Bubba.  Hahd the Moon Pies!"
[Special thanks to Cindy Vela for today's wurd]
You can find all of the old Southern Words of the day at 
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved
=====================[ Tourbus Rider Information ]===================
    The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
      Copyright 1995-2001, Crispen & Rankin - All rights reserved
  Help the hungry, poor and sick - for free!
       Subscribe, Signoff, Archives, Free Stuff and More at the
               Tourbus Website -
            .~~~.  ))
  (\__/)  .'     )  ))       Patrick Douglas Crispen
  /o o  \/     .~
{o_,    \    {    
   / ,  , )    \ 
   `~  '-' \    } ))    AOL Instant Messenger: Squirrel2K
  _(    (   )_.'
'---..{____}                  Warning: squirrels.

TOURBUS - 17 NOV 01 - IE COOKIE PATCH FOR THE PC, viruses, hoaxes, urban legends, search engines, cookies, cool sites
TOURBUS Site Search