ZDNet

Security gone awry: IE 8 XSS filter exposes sites to XSS attacks

[ UPDATE: Microsoft plans to ship an XSS filter update in June 2010to fix what is hopefully the last attack scenario ] The cross-site scripting filter that ships with Microsoft's Internet Explorer 8 ...
eWeek

Microsoft to Update XSS Filter to Address Black Hat Attack

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
ZDNet

Microsoft to fix security hiccups in IE 8 XSS filter

[ Security gone awry: IE 8 XSS filter exposes sites to XSS attacks ] Microsoft shipped two separate updates recently -- MS10-002 and MS10-018 -- with defense-in-depth changes that addressed the bulk ...
Threat Post

Bypass of Internet Explorer Cross-Site Scripting Filter Possible

Attackers are able to bypass the reflective cross-site scripting filter in Internet Explorer; the weakness is accepted by Microsoft as part of its design philosophy for the filter and will not be ...
Graham Cluley

WYSIWYG editors could be an avenue for XSS attacks, warns researcher

Many websites have a WYSIWYG editor. You may not even realise that you are using one, but – if you think about it – chances are that many of the sites that you visit allow you make forum posts, ...
Infosecurity-magazine.com

Researchers reveal Internet Explorer 8 XSS filtering flaw

David Lindsay, a researcher at software security company Cigital, presented a paper entitled 'Abusing Internet Explorer 8's XSS Filters' at the Black Hat conference in Barcelona, Spain. The pair ...
Threat Post

Microsoft to Fix IE 8 XSS Filter Security Problems

On the heels of a Black Hat EU presentation that exposed security problems with the cross-site scripting (XSS) filter in Internet Explorer 8, Microsoft plans to ship an update to the filter to fix ...