[Gomez]

ping

[rahbert]

The only way to remove the path is erase the text in an editor and save the document.

What would you want IE default behavior to be?
Sounds like a default behavior with a trivial workaround.

At most I would add a registry setting to rmove the path
leading to the filename. This is not an OS bug.

[Talisker]

All versions of IE suffer from the bug. A Microsoft spokeswoman said..."We can confirm that this is not a vulnerability"

LOL, it's not a bug, it's a feature. Yeah, that's the ticket!

[Knitebane]

Okay, everyone here knows that I'm no fan of Microsoft but I'm having a hard time getting worried about this one.

It appears that no actual files are being exposed, just the path names.

While I understand that this is less than optimal, unless you've got stuff like this on your system:

C:\Documents and Settings\obinladen\Desktop\Jihad\Bombs\ANFO\Project Bomb the Synagogue on 3rd and Maple on December 18th\Project Plan.doc

...then there really isn't a lot to worry about.

Most things people would have would look like:

C:\Documents and Settings\joeuser\Desktop\Lists\Christmas List.doc

Moral: If you have sensitive data on your machine, don't name the folders with the sensitive data. Leave the data in a file.

Now granted, this shouldn't be information that leaks out and Microsoft needs to fix it, but I'm pretty sure that this really isn't a major breach unless you're pretty dumb in how you set up your directory structure.

[OneWingedShark]

Regarding the http://wids.matcmadison.edu/10150170.pdf

LOL - That’s quite standard behavior for printing out web-documents, so I’m guessing that it was output viewed on a browser and then “printed” on a virtual PDF-producing printer.

[MichiganConservative]

I don’t quite understand why this is a web browser bug.

It sounds like it’s a bug in whatever software created the PDF. That could be the fault of MS, if they wrote that code, or it could be Adobe, or some other software developer. It could be a “feature”. Was the file path part of the visible content of the PDF? They seemed to indicate it was part of the PDF markup that is not usually visible with typical PDF viewers, but I wonder.

Usually IE and other web browsers do not create PDF files. You’d usually have to print to a PDF from the browser, but that wouldn’t make the PDF visible on a public web server for searching.

Whoever wrote this article seems technically illiterate. The article seems poorly edited. Both are probably true.

[grey_whiskers]

Like, *PING*, dudes.

Steel, the *real* source for the Hadley CRU email dump...? /sarc>

Cheers!