[ Security gone awry: IE 8 XSS filter exposes sites to XSS attacks ] Microsoft shipped two separate updates recently -- MS10-002 and MS10-018 -- with defense-in-depth changes that addressed the bulk ...

[ UPDATE: Microsoft plans to ship an XSS filter update in June 2010to fix what is hopefully the last attack scenario ] The cross-site scripting filter that ships with Microsoft's Internet Explorer 8 ...

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Microsoft is planning an update to the cross-site ...

Attackers are able to bypass the reflective cross-site scripting filter in Internet Explorer; the weakness is accepted by Microsoft as part of its design philosophy for the filter and will not be ...

David Lindsay, a researcher at software security company Cigital, presented a paper entitled 'Abusing Internet Explorer 8's XSS Filters' at the Black Hat conference in Barcelona, Spain. The pair ...

Many websites have a WYSIWYG editor. You may not even realise that you are using one, but – if you think about it – chances are that many of the sites that you visit allow you make forum posts, ...

Microsoft is preparing a security update in June for the IE XSS filter in Internet Explorer 8. The update will address a flaw in IE 8 that could enable cross-site scripting (XSS) attacks by hackers.

A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for ...

Google yesterday announced it has added several new security features to Chrome, including two that were first popularized by rival Microsoft in Internet Explorer 8 (IE8) last year. The newest “stable ...

On the heels of a Black Hat EU presentation that exposed security problems with the cross-site scripting (XSS) filter in Internet Explorer 8, Microsoft plans to ship an update to the filter to fix ...