My RSS reader popped up with a new article from the IEBlog today, for those that don’t know the IEBlog is the web log from the Microsoft Internet Explorer team.

The article is over at http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx detailing that Internet Explorer 8 Beta 2 will include a Type-1 XSS Filter.  This is fantastic news as along with phishing and nigerian 419 scams, XSS attacks are an evil crime designed to simply steal user’s personal information or money.

Sure us developers should make sure we never make websites vulnerable to XSS scams but that doesn’t excuse people actually using XSS to steal information.  Heck even PayPal recently had an XSS vulnerability.

Well now finally the web browser manufacturers are going to start protecting users who don’t have enough knowledge or even need to know anything about XSS.