Microsoft releases new tool to counteract cross site scripting attacks
Microsoft just released a new Anti-XSS tool that works with .NET Framework 1.0, 1.1 and 2.0. Anytime you echo user input back to the Web Page you are susceptible either persistent or non-persistent cross site scripting attacks.
...The Microsoft Anti-XSS tool follows an Accept-only approach in which this tool looks for a finite set of valid input and everything else is considered invalid. This approach will provide a more comprehensive protection to XSS and reduce the ability to trick HttpUtility.HtmlEncode with canonical representations attacks. Microsoft Release new Anti-XSS tool Via Dana Epp's ramblings at the Sanctuary
Back to: PC Security, privacy news