Major IE8 Flaw Makes "Safe" Sites Unsafe
After this weekend’s report of a dangerous flaw in IE (which Microsoft confirmed today), intrudere points out an exclusive report in The Register on a new hole in IE8 that could allow an attacker to pull off cross-site scripting attacks on Web sites that ought, by rights, to be safe from XSS. This is according to two anonymous sources, who told El Reg that Microsoft had been notified of the vulnerability a few months ago.
- New IE Vulnerability Used In Targeted Attacks; IE9, IE10 Users Safe
- Microsoft Makes Major Shift In Disclosure Policy
- IE Flaw Lets Sites Track Your Mouse Cursor, Even When You Aren’t Browsing
- Microsoft Patches Major Hotmail 0-day Flaw After Widespread Exploitation
- File-hosting Sites Not a Safe Haven For Private Data