Maximum PC XSS RSS Feed

IE Climbs Into the "It's Not a Bug, It's a Feature" Browser Doghouse with Unpatched GIF Vulnerability

Mark Edward Soper — Tue, 01 Jul 2008 15:08:34 -0500

According to Kapersky Labs analyst Roel Schouwenberg, GIF files can include embedded JavaScript, and under certain circumstances, can be used to launch a cross-site-scripting (XSS) attack. Internet Explorer's vulnerable to this threat, and at least one web site's already been affected.

To find out how long Redmond's known about this problem, and how another browser vendor set Microsoft an example in how to deal with a reported vulnerability, join us after the jump.

Vista Security Features Finally Getting Some Respect

Mark 'Marcus_Soperus' Soper — Mon, 14 Apr 2008 22:33:29 -0500

While Windows Vista often takes a beating 'round these parts for problems with speed and compatibility with older software, its improved security features are helping make video playback and web browsing more secure. Find out how.

Browser Wars, Part II

Mark Soper — Wed, 26 Mar 2008 22:36:00 -0500

Find out who's king of the browser rendering sweepstakes, and which browser-come-lately has an "impossible" end-user license agreement - not to mention a couple of serious security flaws.

Leaky Addons Make for Big Security Risks for Firefox Users

MarkSoper — Wed, 30 Jan 2008 16:23:52 -0600

Find out why your favorite Firefox add-ons can leave your system crying "Don't Chrome Me, Bro!" - and how to protect yourself.

Fake Microsoft Update Email Can Ruin Your Evening - Stop It Now!

Mark Soper — Tue, 22 Jan 2008 21:25:52 -0600

You know that Microsoft never sends out email messages with links to Microsoft Update or Windows Update. Do your friends, family and co-workers know that? If they don't - be prepared to mop up the mess.

Google's in the XSS Crosshairs - and So Are You

Mark Soper — Mon, 24 Sep 2007 23:32:52 -0500

Googling your way around the Internet? Watch out - cross site scripting (XSS) makes Google and other sites less safe than you think.