Security Basics mailing list archives

Re: Internet Explorer 8 beta and xss filter...

From: Adam Pal <pal_adam () gmx net>
Date: Wed, 9 Jul 2008 13:50:28 +0200

Hello Jorge,

The link you submited describes the protection offered by IE8 as
"to protect against Type-1 XSS attacks", from this point of view  i`d
expect that the number of unintended attacks decrease.
Of course, there are also other types and the attackers will find a
possibility to pass through IE8-protection.

But i dont expect IE8 to _stop_ XSS, the attack is against a web
application, not against a browser, the point is just that it was not
visible to innocent users, which will change from now on.

I consider it as a "plus" for Microsoft that they take this threat
seriously and start integrating such protections into their own
browsers.

-- 
Best regards,
 Adam Pal   

Tuesday, July 8, 2008, 1:02:37 AM, you wrote:

<==============Original message text===============
JLV> hey guys...

JLV> just came across this article that describes the new security features
JLV> on IE 8 beta specially the XSS filter.

JLV> http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1319861,00.html#

JLV> do you think this will put a stop on xss attacks by Microsoft and their
JLV> new browser?




JLV> thanks
JLV> Jorge L. Vazquez
JLV> www.pctechtips.org

<===========End of original message text===========

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

Internet Explorer 8 beta and xss filter... Jorge L. Vazquez (Jul 08)
- Re: Internet Explorer 8 beta and xss filter... Adam Pal (Jul 09)
  - RE: Internet Explorer 8 beta and xss filter... Mike Theriault (Jul 10)