Internet Explorer 9.0.2 Update

re: Internet Explorer 9.0.2 Update

Brian — Thu, 06 Dec 2012 04:08:11 GMT

In IE9, I have a link displayed by an external server pointing to a local "file:///C:/file.txt" -- an address which works fine when typed into the address bar, but not when the link is clicked. I have added the external server to the trusted sites (when I right click on the page and go to properties, it says "Zone: Trusted sites | Protected Mode: Off") and lowered the trusted sites' security to low.

What am I missing?

re: Internet Explorer 9.0.2 Update

EricLaw [ex-MSFT] — Tue, 25 Sep 2012 20:56:27 GMT

@Gord: Your existing cookie filters continue to apply. The cookie filenames on disk have no impact on the Cookie Controls. blogs.msdn.com/.../understanding-internet-explorer-cookie-controls.aspx

re: Internet Explorer 9.0.2 Update

Gord Richardson — Tue, 25 Sep 2012 20:50:24 GMT

I have accumulated a huge list of blocked tracking/adware/spyware cookies in IE>Tools>Internet options>Privacy>Sites. With the random cookie naming update, will these cookies still be blocked or will I now be flooded with these pernicious nuisances? Obviously I can no longer recognize or Google cookie domains to see if they pose a threat and that alone is annoying enough.

re: Internet Explorer 9.0.2 Update

iFiredog — Sat, 10 Sep 2011 09:15:10 GMT

Until recently, I could drag an .eml file (a Windows Live Mail message) into a blank IE9 window and it would display. Now I always get an 'Address not valid' error page with something like mhtml:file://C:\Users\NB\Desktop\Test.eml in the address bar. Is this also a consequence of KB2559049 or have I changed something else that would cause this altered behaviour?

re: Internet Explorer 9.0.2 Update

Bill Everitt — Mon, 29 Aug 2011 13:32:29 GMT

Revisited our Trusted Sites in our GPO and added the address to the server that hosts our intranet homepage and that appears to have fixed the problem.

re: Internet Explorer 9.0.2 Update

EricLaw [ex-MSFT] — Wed, 24 Aug 2011 13:55:23 GMT

@Rune: Nope, that's not possibly related to this update. Do you have a URL I could look at? The typical explanation here is that the user visits your site at example.com which sets the cookie and redirects to www.example.com which also sets the cookie without setting a domain attribute which would overwrite the first cookie. IE will subsequently send both cookies, as designed.

re: Internet Explorer 9.0.2 Update

Rune Tendal Kock — Wed, 24 Aug 2011 11:11:26 GMT

We have started getting trouble with one of our sites, which may be related to this update. We set a cookie to a new value, and afterwards, IE sends the cookie twice, with both the old and the new value.

re: Internet Explorer 9.0.2 Update

EricLaw [ex-MSFT] — Tue, 23 Aug 2011 17:13:28 GMT

@Jim, you should contact Microsoft Product Support to learn how to properly apply the mitigation for this issue. My guess is that you've added the wrong site to the Trusted Zone.

re: Internet Explorer 9.0.2 Update

Jim Hainsworth — Tue, 23 Aug 2011 17:10:39 GMT

user may add the HTTP/HTTPS site to the Trusted Sites zone and the file-protocol-sourced content will load as it did prior to this update.

We use Salesforce and it has links to internal documents on our local shares. Adding the sites to the trusted zone has no effect still broken.

re: Internet Explorer 9.0.2 Update

EricLaw [MSFT] — Wed, 17 Aug 2011 21:33:15 GMT

@Bill: You should send me email directly to discuss. As noted, this change only applies to the Internet, not the Intranet. If your zone settings are misconfigured such that your Intranet is treated as the Internet, I can help you fix those up.