Monthly Archives: February 2015

Mitigations against critical universal cross-site scripting vulnerability in fully patched Internet Explorer 10 and 11

This week David Leo disclosed a critical universal cross-site scripting vulnerability in fully patched Microsoft Internet Explorer 10 and 11 (from now on called the UXSS leak). He notified Microsoft on October 13 last year, but Microsoft didn’t publish a … Continue reading

Posted in browser security, cross site scripting, security vulnerability, website security | 1 Comment