A Black Hat EU presentation exposed security problems with the cross-site scripting (XSS) filter in Internet Explorer 8. Microsoft plans to ship an update to the filter to fix what is hopefully the last remaining attack scenario. The researchers released demos to show that the issue introduces security problems at several high-profile sites, including Microsoft s own Bing.com, Google.com, Wikipedia.org and Twitter.com. Microsoft shipped two separate updates recently with defense-in-depth changes that addressed the bulk of the problems discussed at the conference.
Source: https://threatpost.com/microsoft-fix-ie-8-xss-filter-security-problems-042010/73849/