RubyOnRails vulnerability has affected Twitter, but not IE8 users
Last week, it became aware of a vulnerability in the popular Ruby On Rails web development engine based on Cross-site scripting (XSS).
The vulnerability has reached many popular services, including the notorious Twitter. The error crept into work with Unicode and allowed reproducing arbitrary JavaScript code. Detailed information about this incident can be read on Ars Technica . The error was promptly corrected, however, given the audience of services, it could have a significant negative effect.
At the same time, the vulnerability did not affect Internet Explorer 8 users. IE8 has a built-in XSS filter that automatically protects users from such attacks — code is blocked and a warning message is displayed from above.
')
This is further evidence that the Internet is impossible without threats and attacks, and users need adequate protection. IE8 has a whole host of security and reliability features. I described this in more detail in the online report .
Recall that according to a recent study of NSS Labs, Internet Explorer 8 is the safest browser in the field of protection against malware and phishing.
The vulnerability has reached many popular services, including the notorious Twitter. The error crept into work with Unicode and allowed reproducing arbitrary JavaScript code. Detailed information about this incident can be read on Ars Technica . The error was promptly corrected, however, given the audience of services, it could have a significant negative effect.
At the same time, the vulnerability did not affect Internet Explorer 8 users. IE8 has a built-in XSS filter that automatically protects users from such attacks — code is blocked and a warning message is displayed from above.
')
This is further evidence that the Internet is impossible without threats and attacks, and users need adequate protection. IE8 has a whole host of security and reliability features. I described this in more detail in the online report .
Recall that according to a recent study of NSS Labs, Internet Explorer 8 is the safest browser in the field of protection against malware and phishing.
Source: https://habr.com/ru/post/68909/
All Articles