Friday, November 20, 2009

IE8 XSS protection introduces XSS vulnerability to sites

Breaking the web in new and exciting ways: IE8 bug makes 'safe' sites unsafe
"The latest version of Microsoft's Internet Explorer browser contains a bug that can enable serious security attacks against websites that are otherwise safe.

The flaw in IE 8 can be exploited to introduce XSS, or cross-site scripting, errors on webpages that are otherwise safe, according to two Register sources, who discussed the bug on the condition they not be identified. Microsoft was notified of the vulnerability a few months ago, they said.

Ironically, the flaw resides in a protection added by Microsoft developers to IE 8 that's designed to prevent XSS attacks against sites…"

Labels: , ,

4 Comments:

Blogger jordan said...

Epic lol.

11:25 AM  
Anonymous Anonymous said...

I just finished doing a class presentation on a web application I made. The problem is, I coded it and tested it in Mozilla Firefox - but due to slight nervousness I failed to notice the computer in the front of the class had Internet Explorer open.

I fumbled through the presentation because HALF, and I'm serious... HALF, of my application did not work.

When I walked back to my desk I finally realized I was using IE during the presentation.

I hate internet explorer. Microsoft needs to get the hell out of the browser market until they can compete with the real browsers.

3:14 PM  
Anonymous Anonymous said...

One of our developers wrote a song called "IE is being mean to me" and you can find the video here:

http://with.us/meanie
or
http://www.youtube.com/watch?v=vTTzwJsHpU8

Hope you like it.

4:01 PM  
Anonymous Anonymous said...

This is why Firefox will is one of the best.

6:07 PM  

Post a Comment

<< Home