Did anyone bother to read the details of this vulnerability? But this means, that a second, evil page on the same server could steal those saved passwords.
In this case the server has already been compromised to some degree... and the only password in jeopardy is one to the very server you are connected to....
That's like saying a local restaurant is not a safe place to use a credit card.... because the staff might see my credit card number or they might be robbed and have my signature slip stolen...
BTW: Have any IE users actually tested to see that IE doesn't have the same "vulnerability"?
Slashdot Mirror
But this means, that a second, evil page on the same server could steal those saved passwords.
In this case the server has already been compromised to some degree... and the only password in jeopardy is one to the very server you are connected to....
That's like saying a local restaurant is not a safe place to use a credit card.... because the staff might see my credit card number or they might be robbed and have my signature slip stolen...
BTW: Have any IE users actually tested to see that IE doesn't have the same "vulnerability"?