Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Security gone awry: IE 8 XSS filter exposes sites......


19 Apr 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Security gone awry: IE 8 XSS filter exposes sites......

Quote:
Security gone awry: IE 8 XSS filter exposes sites to XSS attacks

The cross-site scripting filter that ships with Microsoft’s Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites and web pages that would otherwise be immune to this threat.

According to a presentation at this year’s Black Hat Europe conference, the issue introduces security problems at several high-profile websites, including Microsoft’s own Bing.com (screenshot), Google.com, Wikipedia.org, Twitter.com (screenshot) and just about any site that lets IE 8 users create profiles.

Microsoft added the anti-XSS feature in IE 8 last August to detect Type-1 (reflection) attacks that can lead to cookie theft, keystroke logging, Web site defacement and credentials theft. However, as the researchers discovered, Microsoft’s filters work by scanning outbound requests for string that may be malicious.
Source -
Security gone awry: IE 8 XSS filter exposes sites to XSS attacks | Zero Day | ZDNet.com

My System SpecsSystem Spec
.

19 Apr 2010   #2

Windows 7 Ultimate 32 bit
 
 

That makes even more thankful for Firefox and NoScript.
My System SpecsSystem Spec
Reply

 Security gone awry: IE 8 XSS filter exposes sites......




Thread Tools



Similar help and support threads for2: Security gone awry: IE 8 XSS filter exposes sites......
Thread Forum
Outlook 2010 - Mail Filter Rules sould only filter Mails after a week Browsers & Mail
Security hole exposes Twitter accounts to hacking Security News
Video sequence awry Music, Pictures & Video
Flashback malware exposes big gaps in Apple security response Security News
Web Browser Security Testing Sites Security News
80% of fed sites miss DNS Security deadline. Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 01:09 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33