Microsoft to issue third fix for XSS filter in IE8 that can be exploited to launch cross-site scripting attacks on Web sites.
The good news about Yahoo's security team is that it's finally offering bounties for independent researchers who uncover bugs. The bad news is that the bounty itself isn't exactly competitive.
It seems your security might be worth more than $12.50 after all. Yahoo's security team previews a new vulnerability reporting policy with rewards between $150 and $15,000.
The bounty for cross-site scripting bugs on Google Accounts, for instance, more than doubles to $7,500. The cash rewards tied to Gmail and Google Wallet get hefty bumps, too.
XSS vulnerability allows attacks to steal and replace tracking cookies, as well as read and send e-mail from a victim's account.
Identification of a problem with Microsoft's OS merits an award from Google's Chrome security effort. Also, Chrome 22 improves Web-based games, and Chrome for iOS supports the iPhone 5.
In an attempt to combat internal breaches, the social networking giant will reward researchers who spot weaknesses in its corporate network.
Facebook helps users get their malware infected computers cleaned up.
HTML5 and other standards haven't yet caught up to Flash Player, but Adobe thinks they can surpass it -- and it's working to make that happen. Also: What to do about the Retina display conundrum?
The battle rages among developers as to what works best--native apps or HTML 5. Here's the bet Yahoo is making.