Ego One - Pure | Fresh | First
Would you like to react to this message? Create an account in a few clicks or log in to continue.

We're Moving. So, we've disabled new registrations on this forum. The forum will not officially be released until 8 PM Pacific Standard Time (Friday, Sept, 9th, 2010)~ http://www.ego-one.net/

Ego One - Pure | Fresh | First » Official »  » From the homepage    » Microsoft to fix IE8 Cross-Site Scripting Problem, Again....

View previous topic View next topic Go down  Message [Page 1 of 1]

MrMario

MrMario
Manager
Microsoft to fix IE8 Cross-Site Scripting Problem, Again.... IEMicrosoft will plug a hole in a built-in filter in Internet Explorer 8 that can be used to launch the very types of attacks on Web sites it was designed to help prevent, the company said on yestorday.
The company will update the IE cross-site scripting (XSS) filter in June to fix a hole that researchers warned about at the Black Hat Europe conference in Barcelona last week. The researchers showed how problems with the filter could be used to inject malicious code onto sites including Google, Microsoft's Bing search site, and Twitter.

"A June release is what's usual for the testing involved for updates,"
Microsoft spokesperson said.

This will be Microsoft's third attempt to fix security issues with the XSS Filter in IE8.

"The XSS Filter related Blackhat EU presentation discussed a vulnerability that was previously disclosed and addressed in the January security update to Internet Explorer (MS10-002)," David Ross wrote on the Microsoft Security Response Center blog.

That was followed by a critical update in March. (MS10-018)

The update scheduled for June "will address a script tag attack scenario described in the Blackhat EU presentation," Ross wrote.

"In the case of the Internet Explorer XSS Filter, researchers found scenarios that are generally applicable across XSS filtering technologies in all currently shipping browsers with this technology built-in."




No Comment.

View previous topic View next topic Back to top  Message [Page 1 of 1]

Ego One - Pure | Fresh | First » Official »  » From the homepage    » Microsoft to fix IE8 Cross-Site Scripting Problem, Again....

Permissions in this forum:
You cannot reply to topics in this forum



Site powered by Forumotion
Copyright 2006-2013 | JalokimGraphics | Ego-One
<!-- <script type="text/javascript"> var vglnk = { key: '0d80ae9fe71cec9484f682bd59232f9e' }; (function(d, t) { var s = d.createElement(t); s.type = 'text/javascript'; s.async = true; s.src = '//cdn.viglink.com/api/vglnk.js'; var r = d.getElementsByTagName(t)[0]; r.parentNode.insertBefore(s, r); }(document, 'script')); </script> <div id="Forumactif_Video"></div> <script type="application/javascript"> //<![CDATA[ var slmadshb = slmadshb || {}; slmadshb.que = slmadshb.que || []; slmadshb.que.push(function() { slmadshb.display("Forumactif_Video"); }); //]]> </script> <script type="text/javascript">window._taboola = window._taboola || []; _taboola.push({flush: true});</script> <!-- BEGIN 1425605 - etoxic - FR - CDB - PCK - sticky footer - 728x90--> <div id="criteo_sticky"> <script type="text/javascript"> function CreateStickyFooterContainer(e) { var t = document.getElementById(e); t.style.position = "fixed", t.style.zIndex = "2147483646", t.style.bottom = "0", t.style.left = "0", t.style.padding = "0", t.style.borderColor = "rgb(196, 196, 196)", t.style.width = "100%", t.style.backgroundColor = "rgba(245, 245, 245, 0.54902)", t.style.borderStyle = "solid", t.style.borderWidth = "1px"; var o = document.createElement("a"); t.appendChild(o), o.style.backgroundColor = "rgb(221, 221, 221)", o.style.backgroundImage = "url('//static.criteo.net/images/criteo/publishertag/close.png')", o.style.backgroundRepeat = "no-repeat", o.style.backgroundPosition = "center", o.style.display = "block", o.style.position = "absolute", o.style.left = "0", o.style.top = "-24px", o.style.width = "23px", o.style.height = "24px", o.style.borderBottomColor = "#6d6c71", o.style.cursor = "pointer", o.onclick = function() { t.style.display = "none" }; var l = document.createElement("div"); l.id = "cto_sticky", l.style.margin = "0 auto", l.style.display = "table"; t.appendChild(l); return l.id }; Criteo.events.push(function() { if(!isMobile){ Criteo.Passback.RenderAd(CreateStickyFooterContainer("criteo_sticky"), function(){ var slotid = "criteo_sticky"; var div = document.getElementById(slotid); div.removeAttribute("style"); }); } else{ var slotid = "criteo_sticky"; var div = document.getElementById(slotid); div.style.display = "none"; } }); </script> </div> <!-- END CRITEO TAG --></body></html><strong><a href="https://www.forumotion.com/create-forum/phpbb3" target="_blank">Free forum</a></strong>&nbsp;|&nbsp;<span class="gensmall">&copy;</span><a href="https://www.forumotion.com/phpbb" target="_blank">phpBB</a>&nbsp;|&nbsp;<a name="bottom" href="https://help.forumotion.com/" target="_blank">Free forum support</a>&nbsp;|&nbsp;<a href="/abuse?page=%2Ft1278-microsoft-to-fix-ie8-cross-site-scripting-problem-again&amp;report=1" rel="nofollow">Report an abuse</a>&nbsp;|&nbsp;<strong><a href="https://www.forumotion.com" target="_blank">Forumotion.com</a></strong>Derp